
Do we need vendor allies in the malware arms race?

Discussion in 'CSO' started by RSS, May 24, 2016.

  1. RSS

    RSS New Member Member

    “You simply cannot do incident response and all the functions of a security operations center anymore without vendor operational support.” That is a paraphrased version of what a colleague told me recently. At first, I raised my eyebrows; I’m a huge believer in self-reliance. After more consideration, though, I saw more than a little truth in the statement.

    A typical modern SOC covers numerous functions, including incident response, intrusion detection system (IDS) monitoring, threat hunting and threat intelligence. And that’s pretty much the bare minimum. Of course, in smaller environments, some of those functions may well be handled by the same person, but the functions nonetheless need to be there. This is 2016, after all.

     
