Dating back for decades now, most major companies and enterprises have had “security” teams. Sometimes called “IT Security” or “infrastructure security” or something along those lines. This group was responsible for everything from security policies to risk reviews to approving firewall changes. Sometimes they’d own things like IDS/IPS, anti-virus, and often strictly security tools like a SIEM, a WAF, or…