Derek Arnold

Principal Consultant

Derek Arnold has spent the last 12 years securing large retail, medical device, and insurance companies. He has worked on large, diverse enterprises in the Fortune 500. His key specialties include security operations, threat intelligence, physical security and SIEM. As a principal consultant for Optiv, he helps organizations solve their unique security challenges using Splunk Enterprise.

 

Using Deception Systems to Augment SIEM

· By Derek Arnold ·

It can often take large enterprises hundreds of days to detect security breaches. Worse yet, in several recent instances, organizations have been notified of a breach by government agencies or other third parties. Where does SIEM fit in as a detective control?


Accessible Threat Intelligence

· By Derek Arnold ·

Threat intelligence is a term that has entered our vocabulary as security practitioners over the last couple of years. According to Gartner, threat intelligence “is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice... that can be used to inform decisions regarding the subject's response to that menace or hazard.”


Four Thoughts for SIEM Success

· By Derek Arnold ·

Security information and event management (SIEM) is a unique security tool in its ability to rapidly identify threats to an organization. Automatically sifting through terabytes of disparate data sources is an impressive feat of computer engineering. With that background, it is understandable that SIEM has a higher degree of system requirements, tuning and maintenance than average.


Detecting Shellshock with SIEM Solutions

· By Derek Arnold ·

At the end of September, a serious vulnerability (CVE-2014-6271 and CVE-2014-7169) came to light affecting Linux/Unix and Apple OS X. The Bash Shellshock vulnerability is serious because it allows unauthenticated, remote execution of arbitrary code.
