What To Do When Threats Become Trivial?
A fascinating aspect of security operations teams is how threats eventually become trivial, and what happens once they are seen that way. Trivial threats are those that will rarely come up as something that humans have to deal with; they will be blocked by preventative technologies, fail because related vulnerabilities are present, or even be handled via automated response. SOCs would die if they needed analysts to be involved in every attack the organization experiences, but fortunately, that doesn't happen. Trivial attacks happen, but they don't reach the point where they trigger a full detection, investigation and response cycle with human involvement.