Blue Team

10 readers

6 users here now

Blue Teamers are the first (and sometimes last) line of defense in the ongoing cyber war. This place is to chat out detection strategies, complain about SIEMs, compare SOAR playbooks, or post mean memes about the Red Team.

founded 1 year ago

MODERATORS

[email protected]

What does your security organization look like? (infosec.pub)

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

👋 Hello all! So, how big is your security organization and how are responsibilities split across teams?

I've been through I don't know how many reorgs and seen quite a few place, and while some patterns emerge it's always interesting to see how Security is split up.

In my current company we evolved from:

6ppl: one security team
~12ppl: one security team, distributed between two locations
~12ppl: infrasec team, appsec team
~30ppl: infrasec team, dir team, appsec team, risk/audit team
~60ppl: infrasec team, dir team, corpsec team, appsec tooling team, appsec consulting team, risk/audit team, compliance team

top 5 comments

sorted by: hot top controversial new old

[–] [email protected] 1 points 1 year ago (1 children)

Hi! 60 people is impressive! I'm at a startup, so we're a lot smaller than that, but at least we have one!

Oh btw it's either "how does ... look" or "what does ... look like", but never "how does .. look like" 🤓

[–] [email protected] 2 points 1 year ago

Ah-a TIL 😄 thank you, fixed

[–] [email protected] 1 points 1 year ago

We have one team with ~ 10 people

[–] [email protected] 1 points 1 year ago (1 children)

I work at a top-10 US bank. If you add our contractors, we have nearly 1000 people in the cyber org. I have 26 people in my direct report org and 235 in my dotted-line org. The 26 folks in my direct report org only do firewall policy changes.

[–] [email protected] 1 points 1 year ago

it’s impressive! How does your infrastructure looks like? Is it 100% on prem?