I wrote this article for Securityweek on the topic of Automating security operations activities
I talk about how automation is not really about technology. It’s primarily about trust, or rather the lack of it. The article outlines three basic principles to begin increasing the trust in automating operational security tasks.
The SecOps team can assess the impact of the risk, but NOT the impact on production.
You can automate the actions, but not the decision.
You can expand automation as trust and confidence increases.