“I am always a major proposer of automation in those security systems as the first line of defense, especially if it is not a highly harmful action,” says Imler. “Automation is actually useful as the first rows of defense when you see something happens and you need a chance to try it, where you can be problematic when you go to overboard.”
He says, “I think it is good to be very agile and selective and recognizes this account that just an attempt has been made to do something that should never be done and that account should be disabled for a while or issue a logout for a universal logout, something is that until someone had a chance to go, what to overcome to remove their reach?”
In addition, Cisco Talos ‘cadiques’ is emphasized, incorporating a danger an actor to have an event response plan and then to follow it. “It goes back to the IR scheme that they should have developed. Ways to control, our people and technology -based options, and how to execute those people should be a basis. And then, of course, the plan should be tested.”
