From YouTube: Protect Stage Strategy EMEA Friendly Q&A - May 2021
A
Thanks everyone for joining. This is our Protect stage quarterly strategy Q&A session. Hopefully you had a chance to review the pre-recorded video and the slide deck ahead of time.
A
B
B
I also watched the video with Sam Kerr and how y'all envisioned the compliance and security orchestration user experience coming together, so really glad we're connecting the dots there. Also like how you identified a strategy to bridge to the different personas that we don't sort of naturally call on right now. That's a great, great, great step. Can you talk about how the current roadmap overlays or not with those bridge items called out on slide nine?
A
Yeah, absolutely, that's a great question. So up to this point, over the last, you know, three to six months, since we did the Defend, Protect transition, we've really just been doing a lot of foundational work. First of all, we've been building up the team, you know, getting the team at a good level of staffing, and secondly, you know, we released the alert dashboard.
A
We are doing a lot of foundational work to get security policies in place, so it's not really, like, showing up a whole lot for customers right now, but there's just a lot of architectural foundational components that need to happen.
A
Also, we want to start scanning containers in production. Prior to doing that, we made the decision to switch from Clair and Klar over to Trivy, and again, a big part of that was where we wanted to head, which was scanning containers and production specifically, and so Trivy is much better suited to do that. They've got some other tools and other projects that are very closely related that make it fairly easy to get to run scans against the containers, container images, in production.
A
So up to this point, we haven't been executing directly on that roadmap. We've more just been laying the groundwork to be able to be successful. We're actually reaching a turning point right about now, where, you know, the work for Trivy is essentially done. You know, we've got a few little outstanding things that we're cleaning up, but it's nearly there. We're researching the work for Starboard, which is the sister project to Trivy that lets us do that scanning in production.
A
You know, we're about to start the work on the UI for the security policy management for the scan component of that. So we're reaching that turning point now from, like, laying the foundation towards actually, like, delivering the things that will build that bridge, so to speak, metaphorically. When it comes to what is that bridge?
A
I mean, those shared use cases are, you know, scanning for vulnerabilities in production is a prime example of a shared use case, because the appsec team, they're really responsible for the vulnerabilities that exist in the code, and their job is to work back with development to get those remediated and get those addressed. Okay, whereas the security operations team, you know, they're just concerned with what's in production, so that's one of the areas where there is that overlap.
A
Is, you know, this is something that exists in production, so the secops team cares about it, and it also impacts the code. So it's different from, like, a firewall, where there's no real code involved with those sorts of security decisions that pure secops, you know, there actually is overlap there. So that's one of the reasons why scanning containers in production is one of our top priorities. Roadmap-wise, we're kicking off the research spike right now, assuming it goes well and we do decide to stay with Starboard.
A
You know, I don't have an exact timeline on it because we haven't refined it all, but we're looking sometime this year, probably, to release that and have that out for customers. On the security policy management side, you know, that's also a little bit of a different kind of a bridge, but recognizing that, you know, these security decisions are shared by both of the teams, and especially in terms of vulnerabilities, there's a lot of overlap. So we actually already have a security policy editor for network policies.
A
You know, think of it as your production firewall, and what we're working to add in is policies that govern when scans are required to execute. Okay. So by bringing those two things into the same UI, one, there's just a lot of natural awareness that happens because you're working in there and you see what's possible. It's going to facilitate those conversations where the appsec team goes over and says: hey, did you know that GitLab has this network firewall here? You know, maybe we should consider using it.
A
So hopefully that facilitates some introductions, and then, you know, also anything around scanning and production, we want to leverage that policy editor for that, and again that's a shared area of overlap. So it's a place where the two teams can come and start to collaborate, and hopefully we can start getting that secops team into GitLab, where right now they don't really use GitLab.
A
But as we build out that policy editor, the number of types of alerts is going to expand, so you can be alerted when a scan, you know, finds X number of new critical vulnerabilities, that could generate an alert, right, or when you find X number of critical vulnerabilities in production. And so, you know, again, right now it's, I would expect usage of it is fairly low because there's not a lot of alerts, it's more of an architectural foundation, but as we build on that over time, it's going to, you know.
A
B
A
Yeah, so the approvals are mostly focused on the appsec team. Okay, the appsec team would be setting up those approvals, and they would be, because again they're the ones who are responsible for the vulnerabilities in the code. Yeah, really what we're looking at for security approvals is rules that say, you know, when the pipeline detects X number of new critical vulnerabilities, then I want to require approval, and typically the group that they want to require approval from is the appsec team.
A
We have that capability today, it's just not very granular. It's more of, like, a crude on/off switch that says if any vulnerabilities are found, then, you know, you require approval. So it's not specific by scanner, it's not specific by severity, and it's not specific by whether the vulnerabilities are newly found or not. So we want to bring all of that granularity in to make it more powerful, but largely that would be the appsec team.
A
I think there's a role in the future where the secops team starts to get involved and takes some interest there in terms of actually gaining what can go into production. So it's just, it's similar scenario, but a slightly different kind of rule where they say, you know, if you have more than five critical vulnerabilities, you know, I don't want that automatically deploying into production, full stop. You know, and maybe they layer in and, you know, maybe they're not getting involved in as many cases or as many scenarios.
A
So they have, you know, the dial turned down a little bit, but if it doesn't meet a certain threshold, I've heard several customers express a desire to actually gate that and prevent it from going in production. So that'll be where the secops team will get involved, is, you know, not in the development process, but once it gets to the point where they're ready to push to production, that then they would be interested in stepping in and taking some action there.
B
A
Yeah, this is actually where we started our work. When we did our designs, my designer started with the blank slate and just, you know, we built it out. We did our solution validation around these designs as well, and we got some really great feedback. So just to share for the benefit of the recording and anyone who may be watching, this is really the direction that we're headed, or at least a rough idea of it, where we've got these column-style swim lanes based off of the status.
A
A
So, as you come in, you say: okay, I'm going to take a look at this one. You drag it over to interview, you click on it, you, you know, review the details, and then either you mark it as, you know, not something we need to worry about, and you just dismiss it, or you say this truly is a problem and you move that into the confirmed state and begin actioning on the steps to resolve, you know, whatever the problem is that initiated the alert. Got it. Hey.
A
So I don't, does compliance alerts have a separate alert UI? Well, I don't think they do, but, you know, the video you would see their work into here.
B
A
So this is intended to be, you know, all security and compliance alerts, and it is a separate UI from the Monitor team's dashboard, which is very network operations focused. It's just a totally different persona, right. Those are alerts like my CPU utilization is high, or I'm out of memory on my clusters, totally different team that actions those. When I talked with Sarah Waldner, you know, interestingly, it sounded like she had done some research and they were pretty adverse to this kind of kanban-style view.
A
Okay, so, you know, it sounded like they were not interested in this view, so we are planning to just provide a toggle at the top, and this may be a good, you know, place to do an experiment of sorts, you know, and get some feedback, kind of A/B testing. We could randomly alternate which one is the default, but we have the list view today, which we, you know, is, was fast and cheap and easy to implement.
A
It's just a list, looks very similar to the Monitor team's page, but at the top we want to also provide this kanban-style view. So again, we can kind of play with that and get some feedback and maybe filter that into the Monitor team in the future, if they are interested. Or, you know, if there really is no interest in that from the network operations center personas, I mean, that's fine too, and that's part of why we have two separate UIs, because we're dealing with two different groups of people. Yep. All right, thanks Sam.
A
Are there any other questions or just areas for discussion, anything on the lines of Protect?
A
All right! Well, thanks for the good question, Scott, I appreciate it. It's a great dialogue, and, you know, feel free to reach out to me, you know, if you don't have questions now and you think of some later, or if you're not comfortable bringing them up, I'm always happy to discuss individually as well. But thanks for joining today, appreciate the attendance, and have a good week. Thanks Sam, nice work. Have a good.