
TechSpective Podcast Episode 106

Security analysts spend their days monitoring activity in applications and across the network to identify vulnerabilities, detect attacks, and take the appropriate actions to prevent or mitigate threats. However, a good percentage of the work that is done in a Security Operations Center (SOC) is tedious–tasks that must be done, but hinder the ability to focus on the more complex work of identifying and resolving issues.

John Gillis, a Senior Cybersecurity Analyst for the SOC at Adobe, joins me on this episode of the TechSpective Podcast to share how he uses custom browser extensions to automate routine and mundane tasks to streamline operations and free up time to do more complex work. In a recent blog post, John explained how he uses browser extensions in the SOC and the impact that has for him and his team.

“As a member of our SOC team, I always look for ways to help improve efficiency in how we do our jobs - every second of our time matters when we need to respond to and defend against ever-evolving threats. My effort here helps keep the focus on my analysis work by letting the browser automate the more mundane tasks.

The analogy I use to describe this effort is a jigsaw puzzle. When you dump out the box of a 1,000-piece puzzle, the first thing you typically do is sort the pieces into general color groupings so you can more easily find a red piece or a green piece or whatever as you work to construct the puzzle. It is only after you do this tedious sorting that you can get down to business and analyze the pieces to figure out how they fit together and solve the puzzle. Effectively, what Gillis is doing is using browser extensions to automate the sorting of the pieces so he can leapfrog to the analysis and problem-solving aspects of the effort.

Aside from reducing the manual effort required for tedious tasks, this sort of automation also helps address alert fatigue. The automation can be used to take care of some of the initial triage of security event information to separate the signal from the noise and only elevate things that are more likely to be legitimate concerns to the human security analysts to examine more closely.

Check out the full episode for our discussion of automating routine security tasks using browser extensions, and insight from John on how these automations also reduce alert fatigue and help maintain consistency from analyst to analyst in how things are done. We also veer off to chat about the current explosion of generative AI models and the pros and cons of offloading tasks to generative AI tools and platforms across all industries and roles.
