
BSidesNCL 2020 @_bugc4t: Compliance meets SIEM automation

BSides Newcastle · 33:38 · 47 views · Published 2020-11
About this talk
SIEM automation is driving a lot of SOC roles, but the end-users of products like Splunk tend to be engineers or "techies". Approaching it from a GRC perspective gives us the ability to "prove" compliance. Industry standards such as PCI give focus to traditional receptors for logging: security incident and response teams. However, when you try and quantify compliance - e.g. what percentage compliant are we - we get a measure we can use ahead of audits. Plus other cool stuff like event correlation for tracking a hacker compromising a machine.

Captured using OBS: Open Broadcaster Software (obsproject.com). Edited using OpenShot Video Editor (www.openshot.org).