EU Regulating InfoSec: How Detectify helps achieving NIS 2 and DORA compliance
**Disclaimer: The content of this blog post is for general information purposes only and is not legal advice. We are very passionate about cybersecurity rules and …
Charlotte Kerridge
As someone working within AppSec or ProdSec security, the scope and responsibilities of your role have likely changed over the last few years.
This is likely an accumulation of:
But what hasn’t changed?
Regardless of any new scope or responsibilities, you still have a set of things you need to accomplish and get done that are the most important to you.
Jobs-to-be-Done (JTBD) is a business framework we’re using to focus product development on aspects that will help our users achieve their goals through a set of ‘Jobs’ that need doing.
In this new series, we will look at the most critical jobs that AppSec and ProdSec team need to do in in day-to-day roles, what tasks these jobs involve, and the desired outcomes for you and your team when completing these jobs.
We will publish a deep dive into each job to be done throughout the autumn, with each article focusing on one job at a time, and how Detectify as a tool can help users achieve each job.
Here is a quick overview of each of the jobs we will focus on over the coming weeks and what you can expect from each of the deep dive articles:
Tasks involved in this JTBD include:
Not only do you need to find what is exposed, but you also need to understand what and how your assets are being continuously tested for vulnerabilities and exposures.
Tasks involved in this JTBD include:
Once you understand how your attack surface is continuously tested, you’ll want to know where to take action first.
Tasks involved in this JTBD include:
Finally, spotting anomalies across your attack surface and being able to easily follow up on these anomalies is crucial in empowering teams to work autonomously.
Tasks involved in this JTBD include:
The in-depth insights we plan to publish over the coming weeks will show you how to shift your approach from working on various tasks to focusing on the bigger picture.
**Disclaimer: The content of this blog post is for general information purposes only and is not legal advice. We are very passionate about cybersecurity rules and …
TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that practitioners can use to classify …