In my opinion, there is little comparison. Proofpoint is an industry leader in email protection and has a very tightly integrated ecosystem for email defense, incident response, and awareness training. They have dedicated teams monitoring the threat landscape and…
You’ve got some pretty good answers so far. Here are a few of the pain points I’ve experienced:
Log source integration – not all SIEMs will work with all log sources easily. Be sure to catalogue all the different (especially non-standard) log sources you want to…
In modern SIEMs like Devo, you can use MITRE ATT&CK mappings to measure your security posture against risk techniques and tactics. You can monitor both your log coverage by category, to ensure you have the correct log sources integrated, as well as your alerting coverage…