[Dailydave] Improvements

Andrew Becherer andrew at becherer.org
Thu Feb 16 14:00:39 EST 2017

On Wed, Feb 15, 2017 at 11:47 PM, Tracy Reed <treed at ultraviolet.org> wrote:
> On Wed, Feb 15, 2017 at 08:46:34AM PST, Jordan Wiens spake thusly:
>> It sounds like the specific actions and data ingests might be different,
>> but the idea of rolling your own automated system hasn't changed a bit in
>> ten years. Surprised to not hear more about the approach, but agree
>> completely that no one vendor does it, and yet every vendor can easily be a
>> part of it.
> In the industry that I see there is huge pressure from the c-suite to
> buy a pre-packaged product (aka silver bullet) and strong disincentive
> to spend time rolling your own custom franken-solution which the
> management will have no faith in because one of their own employees
> built it instead of a big name which can boast about magic quadrants and
> such.

To Wim's point I have people who can, and do, design and implement the
described automation from scratch. I hate the pain and inefficiency of
my current and potential future vendors' integration patterns. In
Wim's words, "hoarding information. Badly constructed and horribly
documented APIs, stupid myopic dashboards, rate limiting on APIs, etc.
etc." I'm not expecting a silver bullet, and I have incredible faith
in my employees, but I'd like to share the burden of integration
implementation across the entire customer base of a Phantom.us or
Komand or other "security orchestration" company. My people can then
focus on writing and debugging the automation logic. I have little
faith that, in any reasonable timeframe, vendors will emphasize data
interchange over features with broader market appeal.

Andrew Becherer

More information about the Dailydave mailing list