by andy89
415 days ago
We’re a small security team inside a growing SaaS org, and during enterprise sales and audits, we kept getting asked: “How mature is your SOC?”

The usual frameworks (NIST CSF, MITRE ATT&CK) are great but heavy — hard to apply without a full SIEM or IR team. So we built a self-assessment tool focused on practical maturity signals like:

- Logging & alert coverage
- IR workflows
- Automation usage
- Post-incident reviews
- Framework alignment (at a high level)

It generates a maturity score + highlights where to improve. It’s been helpful for planning, reporting to leadership, and onboarding new security hires.

We cleaned it up and released it publicly: