Regarding Breach-level Security Incident Notifications and the Telemetry needed:

TL;DR
When handling a breach-level security incident, I draw a target of three circles around the potentially impacted data:

1. The innermost bullseye is that subset of data which has explicit telemetry proof of harm.

2. The inner ring is all of the data contained within the impacted infrastructure/server/device(s) where you may need to #AssumeBreach.

3. The outer ring is the total data/user population of the service / product representing catastrophic impact.
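
The three circles can be computed directly from telemetry and an asset inventory. The sketch below is an added example, not part of the original post; the log format, host names, session IDs and record IDs are all constructed assumptions.

```python
# Added illustration: inventory, log format and all identifiers are constructed.

# Hypothetical inventory: which host stores which user records.
INVENTORY = {
    "db-01": {"u1", "u2", "u3", "u4"},
    "db-02": {"u5", "u6"},
    "db-03": {"u7", "u8", "u9"},
}

# Constructed access telemetry: "<timestamp> <host> <session> <action> <record>"
LOG_LINES = """\
2024-01-05T10:00:01Z db-01 sess-legit READ u1
2024-01-05T10:02:13Z db-01 sess-evil READ u2
2024-01-05T10:02:14Z db-01 sess-evil EXPORT u3
2024-01-05T10:05:40Z db-02 sess-legit READ u5
truncated entry
"""


def scope_impact(inventory, log_lines, impacted_hosts, attacker_sessions):
    """Split the record population into the three disjoint circles."""
    population = set().union(*inventory.values())
    bullseye = set()
    unparsed = 0
    for line in log_lines.splitlines():
        parts = line.split()
        if len(parts) != 5:
            unparsed += 1  # telemetry gap: surface it, it widens uncertainty
            continue
        _ts, _host, session, _action, record = parts
        # Bullseye: explicit telemetry ties an attacker session to the record.
        if session in attacker_sessions and record in population:
            bullseye.add(record)
    # Inner ring: everything else stored on impacted hosts (assume breach).
    on_impacted = set()
    for host in impacted_hosts:
        on_impacted |= inventory.get(host, set())
    inner_ring = on_impacted - bullseye
    # Outer ring: the rest of the service population.
    outer_ring = population - on_impacted - bullseye
    return {
        "bullseye": bullseye,
        "inner_ring": inner_ring,
        "outer_ring": outer_ring,
        "unparsed_lines": unparsed,
    }
```

A non-zero `unparsed_lines` count signals that the bullseye may be understated, which is the case for treating the inner ring as breached.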

https://telegra.ph/Security-Breach-Notifications-Telemetry-11-10
