Becoming a Multiheaded Hydra
Jen Andre at BSides Boston 2016
It is a universal truth acknowledged that security teams have too much to do, and never enough resources to do it.
Traditionally, there are tactical tasks that security organizations own that we all hate doing: event triage, managing vulnerabilities, and more. These tasks lead to alert fatigue and more: they suck up value time that security experts could be using to strategically design and improve security defenses.
WHAT IF: You could scale your security tasks beyond your organization? Instead of wagging fingers and waving sticks, you could instill a sense of ownership of security posture across your engineering and operations organizations?
This isn’t a pipe dream, this is happening: let’s look at how some other modern companies are scaling their security organizations without security personnel.
Jen Andre is an engineer and entrepreneur who loves infosec, Linux, hacking on open source, and delights in the weird and the wonderful.
She values experimentation and Getting Sh** Done. Having spent a career in infosec (she started as an event analyst in a SOC, then moved on to doing R&D at companies like Symantec and Mandiant), she co-founded Threat Stack. Most recently, she is founder and CEO of Komand, a startup based out of Cambridge.
Traditionally, there are tactical tasks that security organizations own that we all hate doing: event triage, managing vulnerabilities, and more. These tasks lead to alert fatigue and more: they suck up value time that security experts could be using to strategically design and improve security defenses.
WHAT IF: You could scale your security tasks beyond your organization? Instead of wagging fingers and waving sticks, you could instill a sense of ownership of security posture across your engineering and operations organizations?
This isn’t a pipe dream, this is happening: let’s look at how some other modern companies are scaling their security organizations without security personnel.
Jen Andre is an engineer and entrepreneur who loves infosec, Linux, hacking on open source, and delights in the weird and the wonderful.
She values experimentation and Getting Sh** Done. Having spent a career in infosec (she started as an event analyst in a SOC, then moved on to doing R&D at companies like Symantec and Mandiant), she co-founded Threat Stack. Most recently, she is founder and CEO of Komand, a startup based out of Cambridge.