After a conversation with Ante Gulam about Security Playbooks, I had the real-world experience of needing them in multiple occasions this week.
Since I was not able to find good resources online that I could easily use, I realised that the Summit presented a great opportunity to create a set of Security Playbooks in standard formats that could be used by the Owasp/Security community.
After some research, I created the Security Playbooks Track with these Working Sessions:
- AppSec Review and Pentest Playbook
- Security Playbooks Diagrams
- Bug Bounty Playbook
- Create Jira Workflows for Security Playbooks
- DoS Playbook
- Due Diligence Playbook
- Incident Response Playbook
- Media Handling Playbook
- Playbooks vs Handbooks
- Ransomware Playbook
- Security Monitoring Playbooks
At the moment none of these Working Sessions have an organiser, so for the ones that you are interested in, please become one (or at least register as an onsite or remote participant).
If you already have Security Playbooks at your company (or similar documents/diagrams/workflows) please submit them in an anonymised format with an OpenSource/CC license (so that it can be used by the Working Sessions)
Remember that significant work and collaboration should occur before the Summit (i.e. between now and the 12th of June). It would be amazing if some of the Working Sessions listed above had its tasks completed before the Summit!
For example, we can start working and collaborating asap on the Security Playbooks Diagrams.
Do you have Playbook Diagrams that you can share? (pictures of whiteboard-based diagrams will be a great place to start)
Thanks for your help