John Petropoulos is a security architect with over 16 years of experience working with all types of security operations centers, large and small. Specializing in breach detection and incident response, John has designed content development strategies and integration approaches that support some of the largest security operations in the world.
Here at Respond Software, John is developing probabilistic models based on his experiences that evolved while working with a wide array of products and environments.
Security engineers supporting a Security Operations Center (SOC) face the difficult job of delivering the right volume of actionable alerts to SOC analysts. Typically they are tasked with surfacing alerts of interest to the analyst, which they accomplish by managing detection technologies, developing detection content and integrating security context. As they try to keep the analyst's console under control, their duties become overly complicated and riddled with hidden costs.
Mention to a security engineer that their problem of event log plumbing has finally been solved, and you will hear a big sigh of relief. Big data technologies and streaming platforms have come to the rescue by automating the arduous process of gathering, storing and distributing logs, thereby presenting new, welcome and liberating opportunities