Good security may come from strong defenses, but strong security comes from a good offense. This is especially true for network security, where minutes can make the difference between a breach and a near miss. For example, if an unknown IP address triggers an alert for suspicious or abusive behavior, the faster you can isolate and block that address, the less likely it is that the person or entity at the other end can do damage.

In our second episode, we speak with Elastic’s Product Marketing Director James Spiteri, an experienced security practitioner turned product marketer with a passion for making security accessible and easy for anyone and everyone.

What's frustrating security analysts on a daily basis? When we asked that question in our recently published 'Voice of the SOC Analyst' survey, the number one answer was "spending time on manual work" like reporting, monitoring, and detection. Why would that frustrate them? Manual tasks are repetitive, mundane, and tedious, and force analysts to spend most of their day or week chasing down answers or following up on alerts, only to do it again the next day.

Analysts are being weighed down by mundane, tedious tasks, preventing them from doing their best work, causing burnout, and leading them to the point of wanting to leave their jobs. SOC analysts' biggest frustration and one of their top challenges is having to spend time on manual tasks, according to our recent report, 'The Voice of the Analyst.' These tasks are not only repetitive, but they're taking them away from more engaging, higher-impact work.

With agile development, the software development life cycle has evolved, with a focus on customer satisfaction to enhance product features based on user feedback. This helps shorten the time to market, since teams can release a minimally viable product, then continuously improve its features. The agile technique encourages team cooperation through sprints, daily standups, retrospectives, testing, quality assurance and deployment.

For security teams, properly managing which users can access resources and governing the level of access those users have is about as basic as locking the door at night. Understandably then, there are thousands of options available to fine-tune or revoke access, and it’s likely that issues come up daily for most companies—if not hourly.

There’s no question that centralized identity and access management (IAM) helps companies reduce risk and prevent attacks. But, as this week’s Okta attack shows, centralized IAM doesn’t eliminate all risks. Attackers with access to IAM data can use this information to easily access downstream systems or modify permissions to grant elevated access to malicious parties.