u/bankster24

Long story short, company bought a CDR tool, our lead IR analyst was in the process of transitioning our manual playbooks to include automated and semi-automated response actions such as making a storage account private, isolating a vm, etc, then someone from the architecture team shut it down and said we aren’t allowed to have response permissions because they are too powerful.

Our entire team is in shock as we’ve been wanting to speed up our response times for common investigations we see but it’s discouraging that one person can just shut everything down.

How would you guys handle this type of situation? We want to escalate to leadership immediately.

Long story short, company bought a CDR tool, our lead IR analyst was in the process of transitioning our manual playbooks to include automated and semi-automated response actions such as making a storage account private, isolating a vm, etc, then someone from the architecture team shut it down and said we aren’t allowed to have response permissions because they are too powerful.

Our entire team is in shock as we’ve been wanting to speed up our response times for common investigations we see but it’s discouraging that one person can just shut everything down.

How would you guys handle this type of situation? We want to escalate to leadership immediately.

Save yourself the time and skip over the new Gordon Ramsay documentary.

Being Gordon Ramsay was just released and after the first couple of episodes I can 100% assure you this is just to plug his new business that opened in London. I thought we would learn something new or in depth about being him but no it’s a giant marketing plug. I am over this dude. He is everywhere and it’s all the same. Blah. Plenty of other talented chefs out here in the world that you will never get to hear of because of this guy.