Royce Williams on Nostr: Are your app and integration teams expected to regularly work directly with your ...
Are your app and integration teams expected to regularly work directly with your blue/SIEM team to identify which alerts are "wake people up if you see this" worthy? Are they re-checking with each new release, and each vulnerability announcement?
(They should be.)
Published at 2024-11-26 16:55:13
Event JSON
{
  "id": "4dfc6fa644128c8ddaa29108cef75e48654057d267b59e4fa7c5f6d969f9bd78",
  "pubkey": "fd78ea493e466e5403543ba50475e8acc79157ea3bab423b53f780a89c92423e",
  "created_at": 1732640113,
  "kind": 1,
  "tags": [
    [
      "proxy",
      "https://infosec.exchange/users/tychotithonus/statuses/113550302501482359",
      "activitypub"
    ]
  ],
  "content": "Are your app and integration teams expected to regularly work directly with your blue/SIEM team to identify which alerts are \"wake people up if you see this\" worthy? Are they re-checking with each new release, and each vulnerability announcement?\n\n(They should be.)",
  "sig": "5bd82541974941a14d9e5e83cbec61cf1a9ae2a611124f1494111486e828355f7d3e79a1556d9550f584b89b0c8a15a9989adb9907b999a5639bd4b0ea37579c"
}