Cloud Security Podcast

Building an Incident Response Team for High-Growth Companies

Aug 22, 2024

In this discussion, Santiago, a Senior Security Engineer at Canva, shares insights on building incident response teams in high-growth companies. He explains how incident response differs in fast-paced versus established environments and the vital skills needed for effective management. Santiago also touches on the importance of communication, the dynamic between Red Teams and incident responders, and strategies for enhancing endpoint security. Additionally, he highlights the role of data visualization in security monitoring, emphasizing the need for effective dashboard design.

27:24

Creator website

Episode guests

Santiago

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Effective incident response requires strategic risk assessment rather than immediate action to optimize resource allocation and operational efficiency.

Building an incident response team in high-growth companies necessitates valuing autonomy and communication while facing unique challenges in cloud environments.

Deep dives

The Importance of Incident Response Prioritization

Effective incident response requires careful prioritization of actions based on risk assessment rather than immediate reaction. Security teams often rush to fix issues without evaluating the actual severity, leading to unnecessary strain on resources and personnel. The podcast emphasizes the need for responders to assess whether an incident requires urgent attention or can wait for a more considered approach. This strategic perspective helps to avoid chasing every issue as a top priority, thus enhancing overall operational efficiency.

Intro

3min

Navigating Incident Response in High-Growth Companies

15min

Enhancing Endpoint Security and Application Management

6min

Leveraging Data Visualization for Enhanced Security Monitoring

2min

Navigating Data Visualization and Personal Interests

3min

In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies. Santiago shares his experience transitioning from penetration testing to incident response and highlights the unique challenges that come with protecting a rapidly expanding organization.

We explore the differences between incident response in high-growth versus established companies, the importance of having the right personnel, and the critical skills needed for effective incident response.

Guest Socials:⁠ ⁠⁠⁠⁠Santiago's Linkedin

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

Questions asked:

(00:00) Introduction

(01:58) A word from our sponsor - SentinelOne

(02:48) A bit about Santiago

(03:18) What is Incident Response?

(04:06) How IR differs in different organisations?

(04:48) Red Team vs Incident Response Team

(06:17) Challenges for Incident Response in Cloud

(07:16) Incident Response in a High Growth Company

(07:56) Skillsets required for high growth

(09:14) Cloud vs On Prem Incident Response

(10:03) Building Incident Response in High Growth Company

(11:39) Responding to incidents that are not high risk

(14:41) Transition from pentesting to incident responder

(17:20) Endpoint vulnerability management at scale

(25:32) The Fun Section

Resources from the episode:

Endpoint Vulnerability Management at Scale

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Cloud Security Podcast

Building an Incident Response Team for High-Growth Companies

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Importance of Incident Response Prioritization

Building an Incident Response Team in High-Growth Organizations

Adapting Incident Response to Cloud Environments

Transferable Skills Between Penetration Testing and Incident Response

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Cloud Security Podcast

Building an Incident Response Team for High-Growth Companies

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Importance of Incident Response Prioritization

Building an Incident Response Team in High-Growth Organizations

Adapting Incident Response to Cloud Environments

Transferable Skills Between Penetration Testing and Incident Response

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights