#281 - SIEM Secrets They Don’t Tell You (with Anton Chuvakin & Alex Hurtado)
Failed to add items
Add to basket failed.
Add to wishlist failed.
Remove from wishlist failed.
Adding to library failed
Follow podcast failed
Unfollow podcast failed
#281 - SIEM Secrets They Don’t Tell You (with Anton Chuvakin & Alex Hurtado)
-
Narrated by:
-
By:
About this listen
In this CISO Tradecraft episode, host G Mark Hardy talks with Anton Chuvakin and Alex Hurtado about how SIEM programs fail and how organizations overspend when implementations prioritize dashboards or compliance over actionable detection engineering and collecting the right data. They share costly war stories ranging from multi-million and eight-figure deployments that became expensive “log toilets” or missed incidents due to data rationing and gaps, to mid-market teams burned by next-gen startup SIEMs going end-of-life and forcing replatforming. The discussion covers why Gartner Magic Quadrants can be useful depending on organizational context, the tradeoffs of decoupled/hybrid SIEM and security data lake architectures (cost, coverage, vendor management, and real-time detection limits), migration and egress/lock-in concerns, emerging AI/agentic SOC models and pricing, and the need to define requirements and measure effectiveness with realistic detection testing metrics.