Top Threats Working Group Call Complete Notes and Transcript
Discussion Topics Summary 2024-12-19
- Discussed Retool hack and its classification under TT5 (Insecure Third Party Resources)
- Sherre Stine presented her research on the Retool breach
- Vic asked authors to edit their sections directly in the document template
- Michael Roza explained his approach to linking TTs, controls, metrics, and takeaways
- Discussed the importance of having metrics for each control
- Alex clarified expectations for other authors regarding metrics and takeaways
- Each section in the document will include its own list of references. The combined references section has been deleted.
- Writing expected to continue into January, review planned for end of January/February
- Confirmed the project is on schedule for completion by RSA conference
- Next meeting 01/02
Have a nice holiday break everyone. Thank you for all your good work.
------------------------------
Vic Hargrave
Cybersecurity Analytics Engr.
Everfox
+1-650-430-3356
[email protected]
------------------------------