Threat Hunting

/Capabilities

Event Analysis

Log management aggregates data from many sources (network, security, servers, databases, applications), consolidating monitored data in one place so that crucial events are not missed.

Log Correlation

Looks for common attributes and links events together into meaningful bundles. This technology provides a variety of correlation techniques to integrate different sources, turning raw data into useful information.

Alerting and Monitoring

The automated monitoring and analysis of correlated events. Alerting is typically a function of the Security Event Management portion of a full SIEM solution.

Dashboards and KPIs

Tools can take event data and turn it into informational charts that help reveal patterns, or identify activity that does not fit a standard pattern.

Compliance Data

Employing long-term storage of historical data to facilitate correlation of data over time, and to provide the retention necessary for compliance requirements. Long-term log data retention is critical in discovery.

Incident Response

The ability to search across logs from different nodes and time periods based on specific criteria. This removes the need to aggregate log information in your head or to search through thousands and thousands of log lines by hand.
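The correlation and alerting capabilities described above can be shown end to end on a handful of log lines. The example below is added here and is not code from the site or from the author: it parses constructed log lines from three sources (firewall, authentication server, web server), links events that share a common attribute (the source IP) into time-windowed bundles, and evaluates a simple alert rule over each bundle. The log format, the five-minute window, the thresholds and all IP addresses are assumptions chosen for illustration, not a description of any real SIEM product.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data): "<timestamp> <source> <action> key=value ...".
SAMPLE_LOGS = [
    "2024-01-15T10:00:01Z fw   DENY src=203.0.113.7 dst=10.0.0.5 dport=22",
    "2024-01-15T10:00:03Z auth FAILED_LOGIN user=alice src=203.0.113.7",
    "2024-01-15T10:00:05Z auth FAILED_LOGIN user=bob src=203.0.113.7",
    "2024-01-15T10:00:08Z auth FAILED_LOGIN user=carol src=203.0.113.7",
    "2024-01-15T10:00:09Z web  GET /admin status=401 src=203.0.113.7",
    "2024-01-15T10:02:00Z auth FAILED_LOGIN user=dave src=198.51.100.9",
    "2024-01-15T10:30:00Z auth FAILED_LOGIN user=dave src=198.51.100.9",
    "2024-01-15T10:31:00Z web  GET /index status=200 src=192.0.2.44",
]

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<source>\w+)\s+(?P<action>\S+)\s*(?P<rest>.*)$")
KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Normalise one raw line into an event dict; return None for unparseable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
        "source": m["source"],
        "action": m["action"],
    }
    event.update(dict(KV_RE.findall(m["rest"])))  # key=value pairs become fields
    return event


def correlate(events, key="src", window=timedelta(minutes=5)):
    """Group events by a shared attribute and split each group into time-windowed bundles.

    A new bundle starts whenever an event falls more than `window` after the
    first event of the current bundle. Events lacking the key are ignored.
    """
    by_key = defaultdict(list)
    for ev in events:
        if ev.get(key):
            by_key[ev[key]].append(ev)

    bundles = []
    for value, group in by_key.items():
        group.sort(key=lambda e: e["ts"])
        current = None
        for ev in group:
            if current is None or ev["ts"] - current["start"] > window:
                current = {"key": value, "start": ev["ts"], "events": []}
                bundles.append(current)
            current["events"].append(ev)
    return bundles


def evaluate(bundle, failed_threshold=3):
    """Alert rule (assumed): repeated failed logins, escalated when a second source confirms them."""
    failed = sum(1 for e in bundle["events"] if e["action"] == "FAILED_LOGIN")
    sources = {e["source"] for e in bundle["events"]}
    if failed >= failed_threshold and len(sources) >= 2:
        severity = "high"     # auth failures corroborated by firewall/web activity from the same IP
    elif failed >= failed_threshold:
        severity = "medium"   # auth failures alone
    else:
        return None
    return {"key": bundle["key"], "severity": severity, "failed_logins": failed,
            "sources": sorted(sources), "start": bundle["start"].isoformat()}


def run_pipeline(lines):
    """Parse -> correlate -> alert. Returns (bundles, alerts)."""
    events = [ev for ev in map(parse_line, lines) if ev is not None]
    bundles = correlate(events)
    alerts = [a for a in map(evaluate, bundles) if a is not None]
    return bundles, alerts


if __name__ == "__main__":
    bundles, alerts = run_pipeline(SAMPLE_LOGS)
    print(f"{len(bundles)} bundles, {len(alerts)} alerts")
    for alert in alerts:
        print(alert)
```

On the sample data the first five lines all share one source IP inside the window and are bundled together, which fires a high-severity alert because the failed logins are corroborated by firewall and web events; the two failed logins from the second IP are 28 minutes apart, so they land in separate bundles and never reach the threshold. This is the point of correlation: the same auth failures evaluated line by line would look like noise, while the bundle tells a story.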

Douglas Bernardini, SIEM / SOC

Cybersecurity Specialist and Cloud Computing Expert with 10+ years of experience in IT infrastructure.

Specialist delivering assets for development teams in Google Cloud Platform (GCP) and Amazon Web Services (AWS).

Hands-on cloud security enterprise architect, with experience in SIEM/SOC, IAM, cryptography, pentesting, network topologies, operating systems, databases, and applications.

Experience in DevSecOps analysis to discover vulnerabilities in software, identifying CI/CD risk gaps and recommending a secure-coding process (S-SDLC).
