Within Elastic, the information security team is tasked with security detection and analytics, among many other activities of a typical information security team. To find abnormal and malicious behavior within our environment we leverage Elastic SIEM for investigations and threat hunting. When we find a pattern of behavior we want to be alerted on during an investigation or hunt, we take the request JSON behind our investigation and put it into Watcher for alerting.
Critical and sev1 incidents are always a priority, but what about those dozens and often hundreds of lower priority ones that often sit in a queue waiting for a first response engineer to get to them? Do you find that no matter how much effort your team puts into minimizing the number of queued incidents, their number always seems to grow? If this sounds familiar – this blog is for you.
As 2019 comes to an end, OnPage would like to re-inform MSP teams about the value and importance of offering a 24×7 support service. Twenty-four seven support ensures that client issues are quickly resolved by an after-hours support team. Though 24×7 support is a must-have offering, MSPs must first re-work their internal workflows and policies, ensuring that after-hours servicing is a pain-free venture.
Danny is an SRE at Auth0 and currently manages the reliability of systems that authenticate over 2.5 billion logins per month and are expected to have 99.9% (Three Nines) availability. He loves learning about systems and making changes that positively impact client happiness, employee happiness and long-term stability and growth.
Recently, I wrote about an IDC business value study PagerDuty commissioned and shared some of the results from the research. In summary, after in-depth interviews with eight enterprise customers, IDC applied its proven business value methodology to the aggregated results of those interviews and found that enterprise customers were averaging a three-year return-on-investment (ROI) of 731% and a payback period (break-even point) on their investment in just 4.3 months.
When considering the state of critical incidents in 2019 – it’s no surprise that looking ahead to 2020, CISOs have one of the organization’s most challenging and stressful jobs. During the first half of the year alone 4.1 billion records were compromised, and the average cost of a data breach is now estimated at $3.92 million.
You have built a massively successful system. The users just can't get enough and request new features. Your developers crank out new services on a regular basis. Your DevOps/SRE team configures and scales your Kubernetes cluster (or clusters). As the system becomes more complicated and sophisticated, you realize that there are common themes that repeat across all your services.
Software engineers and IT professionals know the pains of being on-call during the holidays all too well. While many parents are woken up at the crack of dawn with kids jumping on their bed, on-call engineers also have to worry about those critical notifications. While the holidays are a great time for family and friends, IT professionals and DevOps engineers also know how stressful they can be.