Overview
Explore advanced observability techniques for security and privacy in this 37-minute keynote address from BSidesLV 2022. Delve into the differences between questions and investigations, learn about pivots and joins, and understand the benefits and costs associated with enhanced observability. Examine privacy considerations, problem framing, and the steps involved in the query process. Discover the importance of a unified source of truth and investigate the implications of data gathering. Gain valuable insights into moving beyond traditional logs and time series for more comprehensive security and privacy monitoring.
Syllabus
Intro
Questions vs investigations
Pivots and joins
Benefits
Costs
Privacy
Frame the problem
Next steps
Query process
Unified source of truth
What happens when something gathers data
Taught by
BSidesLV