Liam Stevenson

Using AWS and Azure for Cost Effective Log Ingestion with Data Processing Pipelines for SIEMs

Liam Stevenson, Associate Director of Technical Services within NCC Group's Managed Detection & Response division, shows how to derive significant cost efficiencies in SIEM platform consumption with smart log ingestion utilizing pre-processing data pipelines and modern cloud services. Doing so significantly reduces data volumes to the SIEM without losing the…


Extending a Thinkst Canary to become an interactive honeypot

In this post we explore how to use the extensible nature of Thinkst Canary to build a high interaction honeypot.


Practical Machine Learning for Random (Filename) Detection

There is much hyperbole around machine learning and artificial intelligence in Managed Detection & Response. We detail when to apply it and what reasonable results can be achieved on a specific real-world problem.
