TechSecOps: CORE Operate Specifications

Learning how to operationalize security operations according to CORE.

Introduction

Cost-effective Operational Reliable Effective, CORE Technology Security involves only what is required to manage technology risks specific to each organization, no more and no less. By emphasizing CORE, declare the objectives and build to those objectives. Regarding security, CORE enables organizations to have 100% accurate asset inventories, proactively manage vulnerabilities, detect threats to each technology, respond to exploits (accidental or otherwise), and maintain business operations while recovery activities are underway.

Organizations should follow through with CORE Operations only after Inventory, Remediation, Detection, and Decision capabilities are 100% complete.

Part 1: Operations specifications

Part 2: CORE Operations applied

Summary

Technology Security Operations, or TechSecOps, is an approach focusing on building a CORE technology security program that emphasizes security operations first and deploying automation when and wherever possible to simplify security. Additionally, this level-setting program emphasizes doing the bare minimum to meet security objectives. CORE is not a compliance process; if built correctly, it will be compliant.

In these operations videos, I explain the objectives to building a centralized security operations superpower to ensure inventory and remediation management are included in the SOC along with the most functional and advanced threat intelligence platform, the CORE Threat Intelligence Engine.