Video
Incident Response & Readiness Guide
Transcript
0:00
I have been a partner with Red Canary for years now, and one of the main things back then when we started as a Red Canary customer was alert fatigue and simply not having the internal team to be able to field all those to make sure we were keeping our focus on only the critical alerts that we got.
0:25
I’ve been with the company for about 6 years, and our mission as a whole, as a company, has always been to be the leading specialty contractor in the utility space, construction, and contracting. So whenever I was building out the internal security team, making sure we were staying focused on what the business needs are as we grow by acquisition, and we were purchasing companies that were big and small, and being able to integrate them into our ecosystem was a challenge.
0:56
So, the more tools that you put into an organization it can just drown out the noise of alerts coming from every single system that need to be triaged. And you need to fully understand each one to know which one is relevant or is just a false positive.
1:15
As the team was much smaller, we still run lean and we’re able to do that with Red Canary’s help, but we were losing sight with all the tools that I’ve mentioned, of keeping those up and maintained and healthy, let alone keeping up with new capabilities that were being released.
1:30
It was quite instant that we were able to see all of our CrowdStrike alerting, that we were chasing hundreds of alerts per day sometimes, down to our latest report that I’ve pulled, which was boiled all the way down to 35 critical alerts that Red Canary elevated to us to focus on. So we’re going from thousands of alerts per year to 35 true alerts that we needed to chase.
1:55
The feedback that I get from my team constantly is, any time that we’re engaged with our weekly reporting or working an actual incident, they constantly are bragging about the customer service that’s provided to them, the intelligence of the people that we’re actually working with; we can’t say enough good things about the incident responders themselves.
2:15
One of the main things that we enjoy about Red Canary is that my internal team of about 15 people, ranging from architects, engineers, administration, and operations, can truly keep focus on the business drivers and business needs to make sure the business is moving forward, and pivoting along with any business strategy changes that we may have.
2:36
As we’ve partnered with Red Canary and built that trust, my internal team can now focus on customer service to our internal users, as well as keeping the tools maintained and healthy, and then something recently that we’ve matured to be able to do is have security architecture and engineering built into every product that we’re bringing online from the business standpoint. And we simply couldn’t have done that if we were just constantly focused on incident response.
3:03
I work really well with the customer service side and our incident responders, but all the people in the background that are making the machine run, or the marketing folks, or anybody that doesn’t get direct customer contact, I’m excited to be able to share our stories with them of how what they do every day has empowered companies like mine to keep our focus.