Empowering the Employee: Incident Response with a Security Bot - Jeremy Krach - AppSecUSA 2018

jNxjUKZpDWo/default.jpg

As organizations scale, it can become increasingly difficult for a small security team to process the large volumes of alerts. In addition, the employee who triggered the alert frequently has the most context as to what transpired. At our organization, we use a Slack bot to engage employees after suspicious activity. Involving employees has the dual benefit of raising company-wide security awareness and lightening the load on our security team. Employees also give us valuable insight into why an alert was triggered, so we can take the appropriate action as quickly as possible. WeĆ¢€™re here to share some of the lessons learned after using this system for one year.


Speaker

Jeremy Krach
Software Engineer, Pinterest

-

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...

jNxjUKZpDWo/default.jpg
Empowering the Employee: Incident Response with a Security Bot - Jeremy Krach - AppSecUSA 2018 Empowering the Employee: Incident Response with a Security Bot - Jeremy Krach - AppSecUSA 2018 Reviewed by Unknown on November 21, 2018 Rating: 5