S01E07 – D12: Centralized Logging and D13: Incident Management

Description: In episode 7, Olav and Karim go through domain 12, centralized logging, and domain 13, Incident Management. Under domain 12 we cover, among other things, centralized logging, protection of logs, log retention, SIEM, dashboards, typical sources for a SIEM, detections, single pane of glass, and more. Under domain 13 we cover, among other things, event vs. incident, the different stages of incident management and what you should focus on during each stage, CERT, and more.

Level: 200

Overall agenda with timestamps:
00:00 – 02:50: Introduction, update, feedback
02:50 – 06:08: Centralized logging, protecting logs, log retention, SIEM, log sources
06:08 – 09:35: Agent vs. agentless, detections
09:35 – 16:55: Event vs. incident, before-during-after, lessons learned, GDPR, CERT
16:55 – 18:32: Today's checklist
18:32 – 18:40: Summary, closing

Today's checklist:
#1: Do you have centralized logging? And are the logs well protected? Retention?
#2: Are important logs forwarded to the SIEM? Do you have a good process for bringing in new logs from new systems?
#3: Have you built good detections? And do you have control over their lifecycle?
#4: Do you have an Incident Response Plan? And how often do you test it?

Sources mentioned/recommended:
- https://CastO3.no

Contributors:
- Olav Østbye, Cloudworks
- Karim El-melhaoui, NBIM

Follow us!
- https://www.linkedin.com/company/O3CYBER
- https://twitter.com/O3CYBER
- https://facebook.com/O3CYBER.no

Praise or criticism? Feel free to give us feedback, both positive points and areas for improvement. You can do this via "contact us" in the menu on our website, CastO3.no

Suggestions for new episodes? If you have any wishes or suggestions for new episodes, feel free to contact us in whatever way you prefer; see our website, CastO3.no

This episode has been added to Podme via an open RSS feed and is not Podme's own production. The episode may therefore contain advertising.

Episodes (61)

Special Episode with Nora Bodin and Anna Beruldsen at Sikkerhetsfestivalen 2025

In this special edition of the O3 Cloud Security Podcast we are coming live from Sikkerhetsfestival 2025 in Lillehammer. Nora Bodin and Anna Beruldsen are two very talented Cyber security Consultants ...

12 Sep 2025, 30 min

Special Episode with Nora Tomas at Sikkerhetsfestivalen 2025

In this special edition of the O3 Cloud Security Podcast we are coming live from Sikkerhetsfestival 2025 in Lillehammer. Nora Tomas is a Senior Software Engineer working with authentication and author...

5 Sep 2025, 31 min

S05E06 - Security Automation and Go Security with Audun Blichfeldt Mo

In this episode, Håkon and Olav discuss cloud security automation with expert Audun Blichfeldt Mo from Remarkable. They discuss how to effectively automate and improve security operations in the c...

26 Jun 2025, 49 min

S05E05 - Cloud Incident Response with Noah McDonald

In this episode, Håkon and Olav discuss cloud incident response with expert Noah McDonald from Google Cloud. They explore the differences between traditional and cloud incident response, the i...

1 Jun 2025, 46 min

S05E04 - Cloud Threat Landscape with James Berthoty

In this episode, James Berthoty, Karim El-Melhaoui and Håkon Sørum discuss the evolving landscape of cloud security. The necessity of specialized tools like CNAPP and CADR for effective monitoring and...

8 May 2025, 44 min

S05E03 - Cloud Threat Detection with Anja Olsen

In this episode of the O3 Cloud Security Podcast, Håkon Sørum and Anja Olsen delve into the intricacies of cloud threat detection, discussing its differences from traditional detection methods, the im...

11 Apr 2025, 50 min

S05E02 - Cloud Security Strategy with Rami McCarthy and Olav

In this episode of the O3C Cloud Security Podcast, host Håkon Sørum and guests Rami McCarthy and Olav Østbye delve into the intricacies of cloud security strategy. Rami shares his extensive background...

27 Feb 2025, 58 min

S05E01 - Cloud Security Challenges with Olav and Karim

In this episode Håkon has Olav and Karim on the podcast to discuss the upcoming season and some common challenges organizations face when using cloud services. Find us at: https://www.linkedin.com/com...

6 Feb 2025, 34 min