Building an Incident Response Team for High-Growth Companies
Description
In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies. Santiago shares his experience transitioning from penetration testing to incident response and highlights the unique challenges that come with protecting a rapidly expanding organization.
We explore the differences between incident response in high-growth versus established companies, the importance of having the right personnel, and the critical skills needed for effective incident response.
Guest Socials: Santiago's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security BootCamp
Questions asked:
(00:00 ) Introduction
(01:58 ) A word from our sponsor - SentinelOne
(02:48 ) A bit about Santiago
(03:18 ) What is Incident Response?
(04:06 ) How IR differs in different organisations?
(04:48 ) Red Team vs Incident Response Team
(06:17 ) Challenges for Incident Response in Cloud
(07:16 ) Incident Response in a High Growth Company
(07:56 ) Skillsets required for high growth
(09:14 ) Cloud vs On Prem Incident Response
(10:03 ) Building Incident Response in High Growth Company
(11:39 ) Responding to incidents that are not high risk
(14:41 ) Transition from pentesting to incident responder
(17:20 ) Endpoint vulnerability management at scale
(25:32 ) The Fun Section
Resources from the episode:
United States
