On this episode of The Future of Security Operations podcast, Thomas is joined by Andrew Santell. Andrew is an experienced security leader who worked for the U.S. Navy for over a decade before moving into the private sector. In 2021, he founded the Security Operations program at Netflix, and recently, he joined edge cloud platform Fastly, where he is the Director of Security Operations and Cyber Defense.
In this episode, Andrew and Thomas discuss:
- Navigating the unique challenges of the Navy, from log management to prioritization
- Making the leap from the Navy to tech
- Building a security operations team and program from scratch at Netflix
- Red teaming phishing response playbooks at Netflix to test their effectiveness
- Recognizing the value of good processes
- Why teams should design processes first, automate later
- Creating a feedback loop between teams at Fastly
- How “shifting left” has helped Andrew’s team reduce vulnerabilities
- Using automation for risk assessment at Fastly
- Andrew’s approach to incidents like the Log4J vulnerabilities
- Why growth in the vendor market is a good thing for practitioners
- Why automation should be a requirement, not just a best practice
- What advancements in AI mean for threat detection
- The importance of risk-based decision-making
- The potential of self-remediation
- Why good security leadership starts with taking care of your people
Date: 03/25/2024 05:26:00 ET