Security is a critical, if somewhat overwhelming, task for any organization. As products grow and teams expand, the challenge of maintaining a security posture at scale increases as well. This is where automation comes in. The ability to automate security tasks offers obvious benefits such as increased speed, while also driving deeper shifts in a company’s culture and processes.
Today, we’re happy to announce that Tines and Elastic are partnering to help our joint users detect security threats and reduce mean time to respond. Many of the world’s best security teams rely on the power of Elastic’s high-speed, cloud-scale detection, prevention, and response capabilities to investigate and contain potential security threats within their environments.
In our fourth episode of the Future of Security Operations podcast, Thomas speaks with Johannes Gilger— CEO and founder of urlscan, a URL and website scanner that enables users to take a look at the individual resources that are requested when a site is loaded. Prior to founding urlscan, Johannes managed the Threat Intelligence Automation team at CrowdStrike.
The cloud offers agility and speed for DevOps teams. Being able to spin up environments and create applications in a fraction of the time previously required helps organizations launch new capabilities for customers, employees, and vendors quickly. For most companies, this means reduced time to market and the ability to recognize revenue faster.
Toil — endless, exhausting work that yields little value in DevOps and site reliability engineering (SRE) — is the scourge of security engineers everywhere. You end up with mountains of toil if you rely on manual effort to maintain cloud security. Your engineers spend a lot of time doing mundane jobs that don’t actually move the needle. Toil is detrimental to team morale because most technicians will become bored if they spend their days repeatedly solving the same problems.
Professionals working in cyber threat intelligence (CTI) overwhelmingly enjoy their jobs; over 66%, according to a limited survey of CTI professionals. They enjoy playing detective, investigator, researcher, analyzer, and communicator. What do they not love about the job? Chasing down bits and pieces of information manually through tons of different interfaces. Wrangling a time-intensive monstrosity of various files, web pages, and inconsistent formats, then merging them (ungracefully).
As we previously discussed in the Automating Your Cloud Security Posture Management (CSPM) Response blog post, CSPM is a vital component in any environment leveraging cloud services. Whether you are using a single cloud or are in a multi-cloud scenario, the complexity of these cloud platforms is constantly expanding. Staying on top of new changes in policies and functionality to ensure that you are maintaining a secure environment is daunting - and almost impossible to do without automation. No one has the resources to spend on maintaining a large team of cloud specialists who just audit everything that is in use.
