At Adobe, security is a critical priority for us, and we believe in defense-in-depth, which begins with monitoring: from collecting event logs and configuration data made available by public cloud providers to logs from EDR systems and vulnerability scanning pipelines. These logs are centrally collected and analyzed by the Adobe security organization using SIEM tools in order to proactively identify potential vulnerabilities or misconfigurations and generate action items (in the form of conveniently trackable tickets) for product teams. But to do this effectively, it is important to identify who owns a particular set of resources. In an organization with thousands of services and developers, this is not a simple task. Unassigned or misassigned tickets can delay resolution of security issues that could increase exposure to malicious attacks. So how do we bridge this gap between visibility (using monitoring tools to detect potential risks at the infrastructure layer) and accountability (assigning and remediating these issues in a timely manner)? Join Gurneet Kaur from the Adobe Operational Security (OpSec) team as she talks about this project, shares lessons learned, and offers best-practice suggestions on how you can implement a similar program to help better scale your own security program for cloud operations.