(1)Tools and Tech and their Integrations

Question 1

What are two ways that companies can automate repetitive tasks (other than Security Orchestration, Automation and Response (SOAR) systems)? Describe them

Answer 1

Two ways that companies can automate repetitive tasks are:

-Scripting (which is code that automates the work)

-Integration (uses interfaces (provided by vendors) to bring different products together)

Question 2

How can Application Programming Interfaces (APIs) help in the process of integrating security tools?

Answer 2

-APIs allow a team to use programmatic interfaces to services that let one use a service without using web based interfaces

-The API lets you create code that will automate those actions

Question 3

What are webhooks? How can they be helpful?

Answer 3

Webhooks enable a team to send a signal from one app to another using a web request

This could be used to help automatically trigger a scan each time a new vulnerability is reported

Question 4

What are plug-ins and why are they useful for?

Answer 4

Plug-ins are programs that run inside of programs that provide context, such as the ability to get extra information about a website that normally isn’t available otherwise

Question 5

Describe how the “single pane of glass” concept can assist cybersecurity operational efficiency?

Is perfect efficiency possible? Describe why or why not?

Answer 5

The single pane of glass approach helps analysts to pool all of their tools into one place, so that they don’t need to cross reference so many tools.

Perfect efficiency isn’t really possible as there will always be “another system” that one needs to perform normal duties, but its worth the effort to get it as efficient as possible!