For security teams and security managers, there are more and more tools, in more and more places than ever before. At the same time, we have increased interest from management, investors and auditors about the security posture, operations and risk.
For real teams on the ground, answering the questions that stem from this, and providing the data is increasingly time consuming, often manual and quite frankly, frustrating. I didn't sign up as a security analyst to be pasting data from McAfee AV! This talk describes some common challenges, how the author has approached them in the past, what works/doesn't work, and explores some really useful data sources that you probably have, but probably haven't exploited yet.
The good news, is that oftentimes, there is good hard data available which demonstrates the value of all your hard work; it just needs to be brought out.
Audit and compliance headaches - can data you already have provide the answer?
I am a security technology consultant with ~20 years experience, I have possibly spent longer than is healthy deploying and integrating tools for security managers and operational teams. I am passionate about automation - no-one should spend time on repeatable tasks which computers should do!