By Aaron Kaplan
Wednesday, January 5th, 2022
Motivation
Every incident response team globally is facing a serious increase in workload. As attackers scan and penetrate networks via automation, so must defenders look
at automation.
However, there is no single silver bullet for “automating away” all of the incident response on the defenders' side.
Fortunately, FIRST is a strong community which improves security together. The theme of the Malta conference was “Security is not an island”, and SIGs are created for this
exact purpose. In other words: it makes sense to share knowledge within the SIG, learn from each other and share the condensed knowledge back to the FIRST
community. Together we are stronger. Divided we fall.
What we will do
Our aim is to start with a tour of what exists. We would like to gather your stories first: your successes and, even more interesting, your failures, so that we do not
repeat the same mistakes twice.
From there, we would also like to build a list of tools that have proven to be effective, together with their strengths and weaknesses and their applicability. After
all, a tool that works very well for a specific use case might not be the right one for a different setting. By grouping all the tools available (commercial and
open-source), each of us will have a starting point to look at which one might be appropriate to support our own needs.
Who?
We also believe in collaboration. That is why we want this SIG to be open to anyone willing to contribute, and also to establish links with other communities like IHAP
(Incident Handling Automation Projects group) and TF-CSIRT.
How to get in touch
We plan to kick-start this SIG with a short survey on your needs, your experiences and your potential input.
The SIG will have quarterly calls starting end of January 2022.
In addition, we will use FIRST’s wiki for documentation purposes and for sharing your know-how
back to the wider FIRST community.
You can reach the SIG chairs via email. In addition, we have a Slack channel.
Joining the SIG is easy: just log into the FIRST portal and click join: https://portal.first.org/g/Automation%20SIG