Corporate Cybersecurity - John Jackson - Page 43
2.6 Security Departments
2.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place?
Incidents are inevitable for any growing organization, and it is unrealistic to expect an incident to affect only the security operations team or only the application security team. Application security managers will have to bridge the communication gap between engineers and management on both teams so that they can collaborate on investigations. Establishing thorough processes for an application incident that ends up affecting both teams (such as a client-side web application exploit that turns into a server-side exploit) isn't negotiable. Transparency about incident resolution should be maintained between both teams. Application security managers should know what forensic tools, logging solutions, and endpoint detection and response tools exist within the enterprise. Many of the tools owned by other security teams can greatly benefit the application security team during investigation or prevention work. Collaboration between teams fosters a shared security mindset instead of a reluctance to provide assistance.