Date: [Insert Date]

Time: [Insert Time]

Location: [Insert Location]
Attendees: [List of Attendees]

Objective: In relation to the risk identified in the last meeting, the purpose of
this meeting is to identify the activities currently undertaken by Acora in
relation to the activities identified as done by Unit6, identify the gaps, and
develop a strategy to bring Acora to a comfortable level to undertake all
identified activities done by Unit6.

Agenda:

Welcome and Introduction

Recap of the Risk Identified in the Last Meeting
Review of Activities Undertaken by Acora and Unit6
Identification of Gaps between Acora and Unit6 Activities
Brainstorming Session for Closing the Gaps
Strategy Development and Implementation Plan
Timeline and Responsibilities
Any Other Business
Next Steps and Adjournment
Minutes:

The meeting was called to order and the attendees introduced themselves.

The risk identified in the previous meeting was reviewed. It was acknowledged that
Acora currently lacks the capability to undertake all the activities performed by
Unit6, leading to a potential risk in terms of efficiency, reliability, and overall
project success.

The team presented a detailed overview of the activities currently undertaken by

Acora and compared them with the activities carried out by Unit6. The differences
and gaps between the two were discussed, including the specific areas where Acora
falls short in comparison to Unit6.

The group engaged in a constructive discussion to identify the reasons for the
existing gaps. Some key factors identified were: differences in resources, skill
sets, technology, and process efficiency.

A brainstorming session followed, during which attendees freely shared ideas and
potential solutions to bridge the gaps. Various approaches were discussed,
including:

a. Training and Development: Implementing a comprehensive training program to

upskill Acora employees and bring them to the level of proficiency required for the
identified activities.

b. Resource Allocation: Allocating appropriate resources, both human and

technological, to ensure Acora has the necessary tools and manpower to perform the
identified activities effectively.

c. Collaboration with Unit6: Exploring the possibility of collaboration with Unit6,

wherein knowledge transfer and best practices could be shared to enhance Acora's
capabilities.

Based on the brainstorming session, a strategy was formulated to address the

identified gaps. The strategy included:
a. Task Prioritization: Identifying critical activities and prioritizing efforts to
bridge the gaps in those areas first.

b. Skill Assessment: Conducting a thorough assessment of the existing skills within

Acora to determine training needs and areas for improvement.

c. Training Plan: Developing a tailored training plan to ensure Acora employees

acquire the necessary skills and knowledge.

d. Technology Upgradation: Evaluating the technology requirements and making

necessary upgrades to align with Unit6's capabilities.

e. Collaboration Agreement: Initiating discussions with Unit6 for potential

collaboration and knowledge sharing.

A timeline for the implementation of the strategy was discussed, and

responsibilities were assigned to different team members to oversee specific tasks.

During the "Any Other Business" segment, additional concerns and suggestions were
welcomed and addressed.

The meeting concluded with a summary of the agreed-upon strategy, action items,
responsible parties, and the date of the next follow-up meeting.

Next Steps:

Implement the agreed-upon strategy and action plan.

Regularly monitor progress and provide updates in subsequent meetings.
Schedule the next follow-up meeting to assess the progress made and make any
necessary adjustments to the strategy.
Adjournment:

The meeting was adjourned at [Insert Time].

Minutes prepared by: [Your Name/Designation]

Approved by: [Name/Designation of Meeting Chair]

Ability to onboard customer tenant by Setup of New Chronicle Tenants.

Rules Deployment, Removal and Modification – Dan
Ability to submit request for creation and update of Custom Parsers in tenant to
google.
update of Custom Parsers in tenant needs to be done in house
o This needs to be forwarded to Google to own
o Front end parser GUI is in flight
· Customer log integration into SIEM via API and documentation (configs,
etc.)
· Documentation of configuration
· Key management into Chronicle tenants
· Associated project is stored within GCP – Engineering Team have admin
access to this
· Legacy Secrutiny GCP tenant migrated to Acora GCP Tenant
o No info of who is managing Acora GCP – issue to resolve
· Cloud Runs and "Back-end" feed configurations [e.g. gophers (S1)]
o Back end script for API fetches
o Not needed as API keys are rotated
o What gophers have we got setup and what information do we collect? – Unit 6 to
provide
o This is being phased out as Chronicle has a native.
· Log Source Global Health Management and Monitoring
o This is done from Grafana dashboard with a dropdown menu
o Email Alert notification via SNoW is sent to the TAC (Rily and Harry –
frontline) for any issues
o Code may exist on github
o Gbenga access to be setup by Sam
o Issues setting this up with the tenant. This can be disabled after the tenant
is stood up
· Big-Query
o Log source Asset Register (LSAR) being used to data in BigQuery to confirm we
are ingesting logs in Chronicle
o Synchronise data between LSAR (static) and BigQuery (Dynamic) with notification
to the appropriate team
o Used for Reporting
· Maintenance of the Chronicle Tenants, SOAR and Log Source ingestion
· BYOP (Bring your own project) – Nick or Sam to advise
· Setup account, environment and integration in Siemplify for new customers
· Joiner, Movers and Leavers (JML) of internal users
GCP Project for Sandbox inside Secrutiny Tenant
New Project request for SIEM and SOAR integration
Automating Multiple Tenants at the same time -
Creating additional forwarder CFPS ingestion config.
GCP Training - Professional Cloud Security Engineer
GCP Training - Professional Cloud DevOps Engineer
Professional Google Workspace Administrator
Design documentation (HLD/LLD)