Working from home presents its own set of challenges for teams when it comes to security operations. Let’s use this as a place for sharing some of the tools or strategies we’re using to help manage security-related matters when we’re working from home.
One of the more common themes we’ve seen recently is using the ChatOps feature in InsightConnect workflows to perform tasks via Slack or Microsoft Teams. What this means is that you can enter a short command in your chat window to do whatever it is you’re looking to do, and that will activate the corresponding workflow to take care of the task. The task could be anything from performing a password reset to retrieving vulnerability info, to doing indicator enrichment, and more. It makes it easy to quickly knock a bunch of repetitive items off your to-do list.
What strategies or tools help you the most when trying to manage security operations while working from home? Or on the flip side - is there something security-related you’re trying to figure out how to do effectively when working from home? Maybe folks here can help!