John Gilmour
Security events: Expect the unexpected.
Most cyber-events that come out of a SIEM are predictable. If you ingest logs for failed/successful logins, you will trigger brute force…
5 min read · Mar 23, 2021

John Gilmour
SIEM: use case prioritisation.
During my first article, I wrote extensively about how I thought that use-cases were a crucial part of any SIEM. I spoke about what log…
6 min read · Oct 22, 2020

John Gilmour
SIEM Monitoring: What Data should on-board in the real world?
One of (if not the most) common questions I get, both during interviews, and from security friends is ‘I’m building a SIEM System, what…
6 min read · Sep 7, 2020

John Gilmour
Network discovery: Finding the unknown on your internal network.
Introduction
7 min read · Aug 24, 2020