How Security Automation is Strengthening DefensesTy Miller Says Automation Is Speeding Up Incident Response
Security automation is going to be key for organizations to proactively protect themselves and also investigate incidents.
Automation can now encompass everything from managing threat intelligence to vulnerability management, firewall management to account monitoring to penetration testing, says Ty Miller, founder and managing director of Threat Intelligence, a Sydney-based consultancy.
In fact, more than 90% of a penetration test can be automated, ranging from tasks such as reconnaissance, fingerprinting/scanning, automated attacks and exploitation. But the last 8% or so does need to be done by humans, such as advanced exploitation work.
"That's the advanced stuff that you actually want your specialist pen tester to do," Miller says.
For several years Miller's company has run a course at the Black Hat security conference that teaches security automation methods using open-source code. Miller's company is doing the course again this year, which aims to teach what can be achieved with security automation.
In this video interview, Miller discusses:
- How security orchestration automation and response (SOAR) is changing and maturing;
- What benefits automation can bring;
- How automation can speed up incident response.
Miller is the managing director and founder of Threat Intelligence, which is a Sydney-based consultancy.