Explore a groundbreaking approach to security information and event management (SIEM) in this 35-minute conference talk from BSidesLV 2021. Dive into the world of serverless SIEM as Chen Cao and Daniel Stinson-Diess present their innovative solution for detecting threats. Learn about the design process, log ingestion techniques, analysis methods, and notification systems. Discover how automations and a dedicated Detection Response Team enhance security operations. Gain insights into open-source and cloud-native technologies, while considering important factors such as storage costs and potential sources of complexity. Whether you're a security professional or enthusiast, this talk offers valuable knowledge on cutting-edge SIEM implementations using Cloudflare's infrastructure.
Overview
Syllabus
Intro
Team Introduction
What is Cloudflare
Design Process
Log ingestion
Analysis
Notifications
Automations
Detection Response Team
QA
Open Source
Cloud Native
Things to watch for
Storage costs
Automation
Sources of Complexity
Taught by
BSidesLV
