OutSystems announced the general availability (GA) of Mentor on OutSystems Developer Cloud (ODC).
Is It Time for Sec-Ops?
February 23, 2012
If an attacker were bogging down your apps, how would you know? You wouldn't, unless you bridge the gap between ops and security.
Inspired by the teamwork that began with the Agile movement, IT organizations are tearing down walls in the service delivery process. DevOps is shortening release cycles by uniting development and delivery. But another wall stands in the way of an agile enterprise: the one between operations and security.
Most ops teams have no way of knowing when they’re dealing with an attack or a slow server. With the security and ops teams working separately, issues can take longer to identify, and longer to fix, compromising both operational performance and the security of the enterprise.
It’s time to demolish the divide between the Network Operations Center (NOC) and the Security Operations Center (SOC).
Here’s how to get started.
Step 1: Prioritize
Start with what matters most:
- Which apps or services are the most critical to your organization?
- Which ones can’t afford to have a security problem remain undiagnosed for even a few minutes?
Step 2: Collaborate with the security team
Because you’ll be shifting some responsibility from one team to another, it’s important to ensure that everyone understands why.
- Facilitate communication between the NOC and SOC teams about what they will gain by bringing security events into the NOC.
- Ensure the NOC team understands the importance of giving the SOC team visibility into certain aspects of NOC monitoring tools.
- Discuss the various tools you’ll need to accomplish this coordination and the processes you will need to create or modify.
Step 3: Identify the right monitoring tools
It’s important to look for a tool that won’t add new complexity to the NOC or its processes. The ideal tool would consolidate and correlate all events—security and operational—under a single pane of glass.
It also should:
- Provide real-time monitoring information.
- Allow for customization, so that both the SOC and NOC teams can see the information they need to see.
- Integrate security system events with the NOC's overall event management system.
- Connect security-related events with the business services they affect so you can prioritize problems when they arise.
- Identify a problem’s cause with little or no manual work.
This article is adapted from a longer article that appeared in the Discover Performance newsletter.
Industry News
January 30, 2025
Kurrent announced availability of public internet access on its managed service, Kurrent Cloud, streamlining the connectivity process and empowering developers with ease of use.
January 29, 2025
MacStadium highlighted its major enterprise partnerships and technical innovations over the past year. This momentum underscores MacStadium’s commitment to innovation, customer success and leadership in the Apple enterprise ecosystem as the company prepares for continued expansion in the coming months.
Traefik Labs Delivers API Gateway and Ingress Controller Integration for Nutanix Kubernetes Platform
January 29, 2025
Traefik Labs announced the integration of its Traefik Proxy with the Nutanix Kubernetes Platform® (NKP) solution.
January 28, 2025
Perforce Software announced the launch of AI Validation, a new capability within its Perfecto continuous testing platform for web and mobile applications.
January 28, 2025
Mirantis announced the launch of Rockoon, an open-source project that simplifies OpenStack management on Kubernetes.
January 28, 2025
Endor Labs announced a new feature, AI Model Discovery, enabling organizations to discover the AI models already in use across their applications, and to set and enforce security policies over which models are permitted.
January 27, 2025
Qt Group is launching Qt AI Assistant, an experimental tool for streamlining cross-platform user interface (UI) development.
January 27, 2025
Sonatype announced its integration with Buy with AWS, a new feature now available through AWS Marketplace.
January 27, 2025
Endor Labs, Aikido Security, Arnica, Amplify, Kodem, Legit, Mobb and Orca Security have launched Opengrep to ensure static code analysis remains truly open, accessible and innovative for everyone:
January 23, 2025
Progress announced the launch of Progress Data Cloud, a managed Data Platform as a Service designed to simplify enterprise data and artificial intelligence (AI) operations in the cloud.
January 23, 2025
Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).
January 23, 2025
Idera announced the launch of Sembi, a multi-brand entity created to unify its premier software quality and security solutions under a single umbrella.
January 22, 2025
Postman announced the Postman AI Agent Builder, a suite empowering developers to quickly design, test, and deploy intelligent agents by combining LLMs, APIs, and workflows into a unified solution.
January 22, 2025
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of CubeFS.
