“Engineering is about the best change given the resources available”
Grab all the fresh ingredients, put them in your KitchenAid™ and hit the power button until it starts spilling all over! This is how most SIEM projects are still run today.
The ambitious cook or content engineer makes something very good out of the fewest possible ingredients or data sources. The best ingredients are selected based upon who you cook for, or your customer's goals and expectations. The time and resources available are what make engineering a very challenging task, just like cooking.
How can I help?
Security Use Cases design & development.
After you get your SIEM up and running, that’s what determines what goes in (or even out!). I help you get started on a content engineering practice as well as mature it in case you already embrace custom content building.
Splunk Enterprise Security (ES) assessment and custom add-ons development.
Actionable reports and metrics, interactive dashboards aiding threat hunters and high-fidelity alerts from fine-tuned correlation searches. That’s basically it.
Training – but only for the eager ones!
SPL™ fluency empowers users to quickly slice & dice data, which is at the core of threat hunting. Writing new detections is a continuous process. Get in touch to learn about workshops for detection engineers and threat hunters.
Get to know more about my recipes: I'm happy to schedule a call, share recommendation letters and introduce my portfolio!