Anton’s Security Blog Quarterly Q1 2025

Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe).
Dall-E security blogging image
Top 10 posts with the most lifetime views (excluding paper announcement blogs, Medium posts only):

Security Correlation Then and Now: A Sad Truth About SIEM
Can We Have “Detection as Code”?
Detection Engineering is Painful — and It Shouldn’t Be (Part 1)
NEW Anton’s Alert Fatigue: The Study
Revisiting the Visibility Triad for 2020 (update for 2025 is coming soon)
Beware: Clown-grade SOCs Still Abound
Why is Threat Detection Hard?
A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next
Top 10 SIEM Log Sources in Real Life? [updated/modified version]
How to Think about Threat Detection in the Cloud

Top posts with paper announcements:

NEW: recent 3 fun posts, must-read:

Top 7 Cloud Security Podcast by Google episodes (excluding the oldest 3!):

EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil (our best episode! officially!)
EP8 Zero Trust: Fast Forward from 2010 to 2021
EP47 “Megatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud Security”
EP17 Modern Threat Detection at Google
EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!
EP103 Security Incident Response and Public Cloud — Exploring with Mandiant
EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for All

Now, fun posts by topic.
Security operations / detection & response:

(if you only read one, choose this one!)
Cloud security:

HGD:

CISO, culture, FMC, etc

AI security:

(if you only read one, choose this one!)
NEW: fun presentations shared:

Enjoy!
Previous posts in this series:

Anton’s Security Blog Quarterly Q1 2025 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from Stories by Anton Chuvakin on Medium authored by Anton Chuvakin. Read the original post at: https://medium.com/anton-on-security/antons-security-blog-quarterly-q1-2025-d8906386503c?source=rss-11065c9e943e——2

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts