COLLECTION IS NOT DETECTION AND OTHER RULES FOR MODERNISING SEC OPS
By Sarah Young
Security operations has always been hard. How many logs should we collect? Which logs should we collect? How do we respond and remediate things quickly? Then just when you thought you'd got it right for your on-premises environment, you've decided to move to the cloud and have to start all over again... or do you? In this talk Sarah will discuss how security operations change from on-prem to the cloud and how to optimise your security operations in a hybrid environment to make use of modern tooling such as automation, AI/ML, etc.
Takeaways: You need to do security operations differently when you have an all-cloud or hybrid environment. Simplify, simplify, simplify - you don't need all the logs. Take people out of the equation as much as possible to optimise sec ops efficiency.
About the Speaker
Sarah is the self-titled Princess of Microsoft Azure Security. Allegedly she lives in Melbourne but is more likely to be found in airport lounges across Asia. Sarah loves cloud security and spends most of her time telling people how to do it better and generally nerding about tech things.