TechSecOps: CORE Inventory Specifications

Learning how to fix your inventory problems according to CORE.

Introduction

Cost-effective Operational Reliable Efficient CORE Technology Security involves only what is required to manage technology risks specific to each organization, no more and no less. By emphasizing CORE, declare the objectives and build to those objectives. Regarding security, CORE enables organizations to have 100% accurate asset inventories, proactively manage vulnerabilities, detect threats to each technology, respond to exploits (accidental or otherwise), and maintain business operations while recovery activities are underway. CORE Technology Security starts by categorizing 100% of the organization's technologies.

Part 1: Organization and Process specifications

Part 2: Technology specification and Asset Inventory Example

Summary

Technology Security Operations, or TechSecOps, is an approach focusing on building a CORE technology security program that emphasizes security operations first and deploying automation when and wherever possible to simplify security. Additionally, this level-setting program emphasizes doing the bare minimum to meet security objectives. CORE is not a compliance process; if built correctly, it will be compliant.

In these inventory videos, I explain the objectives to building a CORE inventory and the characteristics to include about your technology assets.