# Security Operations The Security Operations team is responsible for the security monitoring and operational security policies of the Mattemost organization. ## Areas of Ownership * Security Incident Response Program * Active monitoring and analysis of security events taking place across company, product, and service, platforms * Implementation, upkeep, and growth of security monitoring and analysis platforms * Availability of log ingestion and processing infrastructure * Create, review, and enforce operational security policies, procedures, along with controls related to existing and future-planned compliance frameworks * Infrastructure Vulnerability Management Program * Maintain visibility of industry trends, emerging security issues, 0day/vulnerabilities * Contribute to customer security questionnaires on operational security and compliance topics * Act on results of Red Team / Penetration Testing against Mattermost (the company) and product/service infrastructure * Monitoring and upkeep of Endpoint Detection & Response (EDR) * Access control for Engineering tools and services, and integration with Okta * Engage in verification and impact of product vulnerabilities as it relates to Community and Cloud-hosted instances * Analysis, verification, and reaction to phishing and other malicious email * Management and upkeep of Vault infrastructure and policies * Management and upkeep of Teleport (cloud/company) platform * Management and upkeep of Pritunl VPN platform --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://handbook.mattermost.com/operations/research-and-development/organization/security_operations.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.