Monad Community Bytes

Welcome to the April edition of Monad Community Bytes! We've been heads down building here at Monad and getting ready for BSides San Francisco and RSA Conference coming up next week! 🎉  

We can't wait to connect with our community, learn from industry leaders, and check out the latest innovations. If you're attending either event and would like to catch up, drop me a note here: darwin@monad.com

That said, let's dive into the latest happenings at the intersection of cybersecurity and data engineering!

Security Data Collection & Storage

In part two of our Data Engineering for Cybersecurity series, we examine the crucial elements and importance of having a data collection and storage strategy. We cover various data collection methods, including agent-based and agentless approaches. We cover key considerations for data retention and adopting a tiered storage approach for cost and performance optimization.

We also emphasize best practices for data security, privacy, compliance, and governance. Handling security logs and other data at enterprise scale is no easy feat and requires careful planning and execution. By implementing the strategies outlined, security teams can establish a solid foundation for their security program, enabling efficient collection, storage, and analysis of vast volumes of security data, ultimately enhancing threat detection, investigation, and response capabilities with more precision.

Read more

A Data-Driven Approach To Offensive Security

It's no secret that cybersecurity is finally becoming more data-driven. Offensive security tooling is no exception. This Forbes Technology Council post highlights the need for enterprises and security leaders to recognize the market gap in offensive security tooling and explore data-driven methods to maximize returns. By leveraging data from penetration testing, attack surface management, and leveraging AI/ML technologies, security teams can gain actionable intelligence on vulnerabilities, risk assessments, and potential attack vectors. Adopting data-driven offensive strategies where teams cross-pollinate with blue team data sources allows for streamlined incident response, anomaly detection, and proactive defense against emerging cyber threats.

Read more

Data Quality Is Now The Primary Factor Limiting GenAI Adoption​

As security-focused LLMs and genAI apps gain traction, ensuring data quality has taken the spotlight. Simply put, AI models are only as good as the data they're trained upon.

The blog highlights how genAI's ability to consume data at unprecedented scales and generate insights unpredictably strains traditional data governance. For security teams and genAI-powered solutions that heavily rely on security telemetry, compromised data quality can lead to significant risks, including false positives/negatives. In a world where security teams already experience heavy burnout and alert fatigue, ensuring that the tooling placed in their hands can be trusted is paramount.

Addressing this requires a shift in data management approaches, closely aligning security, operations, and technology teams. Expanding the roles of data stewards and actively curating security data conversations becomes crucial. Robust data security and ETL solutions that ensure high data quality, compliance, and governance are non-negotiable when implementing and managing mission-critical genAI apps. The blog linked below goes in-depth on how enterprises building genAI apps, whether for security or not, can nail the data quality component.

Read more

Have Feedback?

If you have any feedback on how to make these monthly digests more valuable or relevant to you, please reach out! Our goal is to provide you with actionable insights and guidance without any marketing fluff!

‍