When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?
Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?
When investigating an incident in an Infrastructure as a Service (IaaS) environment, what can the user investigate on their own?