
The other say I essentially heard:
We’re too busy doing the stupid tasks to work out how to automate the stupid tasks so that we don’t have to do them any more
Andy
Dragging Security Operations into the 21st century, One playbook at a time
The other say I essentially heard:
We’re too busy doing the stupid tasks to work out how to automate the stupid tasks so that we don’t have to do them any more
Andy
twitter.com/mogwai_poet/status/1060286856493813760
OMG Skynet is born
No it’s fine, we’re safe
People complain that computers don’t do what they are told. The truth is the opposite, they do exactly what they are told. The real problem is that we as humans badly set the environment/parameters/questions.
Which is why a fire and forget SOAR approach isn’t always best, consider adding interactive steps:
Look at the following two approaches, and decide which is safer.
Andy
How did I not know of this place. I’m guessing online shopping is a little difficult
Andy
Yesterday we used this image at the eCrime conference and asked “what’s wrong with this picture?”
The ‘official’ answer was “SOC Analysts don’t have time to be in a bar”, as they likely have an alert queue 500 long.
However the audience gave equally funny answers:
And who wouldn’t expect a room full of analysts to give an analytical answer
Andy