Kyle Pearson
Kyle Pearson is a solutions engineer with Graylog who has worked on enough SIEM and Log Management deployments to know his way around. After cutting his teeth in financial services, he held consulting roles for several SIEM vendors and has worked extensively with public sector and financial services customers.
Session
Log collection is the foundation of Security Operations. It is critical to have the correct host/application sources and a collection mechanism for their events to facilitate correlation in SIEM/SOAR/XDR. Ineffective security events not only waste platform resources but also increase false-positive detections within a SOC, which then impacts morale and how long it takes to triage an alert.
In this session, led by SIEM engineering specialists with a combined 20+ years of experience with clients across government and industry, learn and try some of the best practices and tips that help some of the UK's most critical SOCs run smoothly.
If you are playing with Security Onion, or building content and correlation rules, and want to improve your effectiveness by collecting only the events you need, this is for you. Take the trash out!