Jake Williams · Oct 20, 2016 · 7:26 PM UTC

Jake Williams @MalwareJake

20 Oct 2016

TL;DR - they detected the hack by centralizing, correlating, and monitoring their logs. Am I right?

This tweet is unavailable

Hal Pomeranz · Oct 20, 2016 · 7:42 PM UTC

Hal Pomeranz · Oct 20, 2016 · 7:42 PM UTC

Hal Pomeranz @hal_pomeranz

20 Oct 2016

Which is not to say that log centralization/monitoring is a bad idea. It's "IT 101".

Oct 20, 2016 · 7:42 PM UTC

Jake Williams · Oct 20, 2016 · 8:16 PM UTC

Jake Williams @MalwareJake

20 Oct 2016

No. But "we centralized logs and found an intrusion" isn't a feature story you'll see me tweeting about...

Hal Pomeranz · Oct 21, 2016 · 1:32 AM UTC

Hal Pomeranz @hal_pomeranz

21 Oct 2016

Actually, you did tweet about it. </snark>