Lessons from the trenches in cyber, large enterprise edition:
- Everybody has 3 SIEMs that aren't integrated due to business politics, and thinks they can build a better SIEM too
- Everybody has a SOAR project which never completes and massively overpromises and will never deliver
- Everybody has CyberArk, Thycotic Secret Server etc and downstream users pretend to use it, but really every service account password was last changed before the first Chris Evans Captain America movie came out.
Kevin Beaumont /
npub1lc…6lcye
2024-11-28 19:55:54
Author Public Key
npub1lcc6wn885u6k395x5j5tmdm94r6dh9zajxm8gyk82pv2s2j3el7sc6lcyePublished at
2024-11-28 19:55:54Event JSON
{
"id": "8a265df7851b301599254438f02581a34e7cbed1d5ef526aa9fe584e953a8f7c",
"pubkey": "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd",
"created_at": 1732823754,
"kind": 1,
"tags": [
[
"proxy",
"https://cyberplace.social/@GossiTheDog/113562337542359581",
"web"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/113562337542359581",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://cyberplace.social/users/GossiTheDog/statuses/113562337542359581",
"pink.momostr"
],
[
"-"
]
],
"content": "Lessons from the trenches in cyber, large enterprise edition:\n\n- Everybody has 3 SIEMs that aren't integrated due to business politics, and thinks they can build a better SIEM too\n\n- Everybody has a SOAR project which never completes and massively overpromises and will never deliver\n\n- Everybody has CyberArk, Thycotic Secret Server etc and downstream users pretend to use it, but really every service account password was last changed before the first Chris Evans Captain America movie came out.",
"sig": "3229ed9d4196347dbe0080d77b781df7952e9916a3ef28822f8816354c808604cf9ea9c7683706469b349c05cfbc7cfea0179ac7b86aacd368631fbab0e942d1"
}