Zero Trust step 5A: Stop Breaches—Inspect Every Event Now
Monitoring is often treated as an afterthought in cybersecurity, or worse, as a starting point. But without the right foundation, all those logs, alerts and SIEM dashboards won’t actually keep you secure.
In this episode of Threat Talks, host Lieuwe Jan Koning and Field CTO Rob Maas delve into the monitoring part of Step 5 of Zero Trust: monitor and maintain.
Key topics:
· The difference between logs and events
· Why enriching content with context is key
· Why monitoring without protection is not enough
Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO
ON2IT
Episode details
For many organizations, monitoring starts and ends with collecting logs. But what happens when your SIEM floods you with noise, your SOC team can’t keep up, and there’s no context to tell you what matters?
In this episode of Threat Talks, host Lieuwe Jan Koning is joined by Rob Maas, Field CTO at ON2IT, to break down the “monitor” part of step five in the Zero Trust framework. They explain why step five only works when built on the foundations of the earlier steps – and why MDR alone won’t get you there.
From understanding the difference between logs and events, to applying context through protect surface metadata and automating decision-making with Rules of Engagement, this episode is packed with practical insights.
