Josh Zelonis in The Recovering Analyst
Your Security Data Strategy Sucks Because You Don’t Have One
Stop managing alerts and develop a successful data strategy. Important lessons from the data economy and how to improve your SOC.
5 min read · Oct 14, 2022

Josh Zelonis in The Recovering Analyst
How I Learned To Stop Worrying And Love… Autonomous Security?
Hating the term autonomous security isn’t going to make it go away. Here’s a guide to understanding the promise and a plea for…
3 min read · Jun 17, 2022

Josh Zelonis in The Recovering Analyst
When Scale Outpaces Human Intervention, It’s Not a People Problem
Manual processes are rubbish. People are slow. Automation is the only way we can keep up with the automation leveraged by our adversaries.
4 min read · May 12, 2022

Josh Zelonis in The Recovering Analyst
The MITRE ATT&CK Evaluation Needs To Evolve
A recovering analyst’s thoughts on how MITRE has moved the industry and how it now needs to evolve to support enterprise companies.
3 min read · Apr 5, 2022

Josh Zelonis in The Recovering Analyst
Demystifying Zero Trust
Zero Trust is a fundamental approach to securing an environment and no one really understands it… Let’s fix that.
4 min read · Jun 29, 2021

Josh Zelonis in The Recovering Analyst
XDR Requires SOAR In Enterprise Environments
Don’t settle for half-baked SOAR capabilities slapped on an XDR solution when your organization requires enterprise response…
4 min read · May 25, 2021

Josh Zelonis in The Recovering Analyst
Don’t let Vendor Exuberance Distract from the Value of the MITRE ATT&CK Evaluation
The MITRE ATT&CK Evaluation is published as a scientific data set to enable you to interpret information about specific products such as…
4 min read · Apr 23, 2021

Josh Zelonis in The Recovering Analyst
Can XDR Survive Outside of SIEM?
Analyzing the threat detection market through the lens of EDR, XDR, and SIEM to predict the next 5 years of innovation in the space.
4 min read · Mar 23, 2021

Josh Zelonis in The Recovering Analyst
Reframing Cybersecurity’s Contribution To The Business
Musings on cybersecurity risk and how the risk equation doesn’t quite capture what we need to understand about business risk.
4 min read · Feb 18, 2021

Josh Zelonis in The Recovering Analyst
Detection Using Indirect Observation and Indicators of Consequent
It doesn’t always make sense to create custom threat detections when realization of the threat leaves other artifacts in the environment.
2 min read · Feb 8, 2021