Thursday, November 2, 2017

What is SOAR? - Security Orchestration, Automation and Response



Another buzzword to sell new products, but will they really do anything useful?
Probably so. Here is an interesting essay from Bruce on "orchestration" and "incident response" that helps to understand it better.

Data does not equal information, and information does not equal understanding




Uncertainty demands initiative, while certainty demands synchronization

When things are uncertain, you want your systems to be decentralized. When things are certain, centralization is more important. Good incident response teams know that decentralization goes hand in hand with initiative.


Automation has its place. If you think about the product categories where it has worked, they’re all areas where we have pretty strong certainty. Automation works in antivirus, firewalls, patch management and authentication systems.

For more info:
https://securityintelligence.com/security-orchestration-for-an-uncertain-world/
