I know I don’t post too much about work and work projects because it’s just something mostly private and work related. But I think I could post this.
I have both Splunk and Cribl in my SIEM environment and because we have a tight relationship with our vendors, we had them come out to do an assessment from their perspective. So I flew out my SIEM guy and the rest were local, and we all got to work together and at the end of the day, we broke bread together. The next day was the same thing with the same members but a different vendor.
It was really nice to get with everyone and have these chats and validate what we are doing is the best thing we are doing.
After it was all said and done, I went to a happy hour for my team mate, Q, who got his CISSP