Defcon 26 schedule2/13/2023 ![]() ![]() ![]() Lots of areas where the developers need to be shielded from politics to stay effective. The other part is API keys (with the right permissions) to things you probably don't own, which are political conversations and can stagnate your development velocity have credentials/access ready or at least buy-in from stakeholders with a plan if it might affect them (i.e., o365 email deletion playbook that requires r/w to all mailboxes). it will malign the speed of the developers). so before you buy licenses you should nail down a collection of work and prioritize the modular components (and keep it out of a committee approach. There are a few specific ways you can attack the problem of the automation step, but it fails without very granular processes. Some people are purely for automating swivel chair actions, some people are more for kinetic response to alerts (risk preference, like automated containment of an endpoint). I know someone else uses Demisto, and they have entire teams around automation who work strictly out of the tool (without a SIEM). Phantom has a slack channel, so once you do the demo you can see. Rob Gresham is Phantom, he is in the professional services area and is a straight talker. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |