Awesome SOC

November 6, 2023
Post Author / Publisher: https://md2pdf.netlify.app/

CISO2CISO post categories: 0 - CT - CISO Strategics - Social Engineering, 0CISO2CISO, CISO2CISO Notepad Series

A collection of sources of documentation, and field best practices, to build and run a SOC
(including CSIRT).

Those are my view, based on my own experience as SOC/CSIRT analyst and team manager, as well as well-known papers. Focus is more on SOC than on CERT/CSIRT.

My motto is: without reaction (response), detection is useless.

NB: Generally speaking, SOC here refers to detection activity, and CERT/CSIRT to incident response activity. CERT is a well-known (formerly) US trademark, run by CERT-CC, but I prefer the term CSIRT.

Awesome-SOC Download

CISO2CISO post categories: 0 - CT - CISO Strategics - Social Engineering, 0CISO2CISO, CISO2CISO Notepad Series

Guide for Multi-Cloud Read Team AWS – GCP – AZURE by Joas Antonio

Guide for Multi-Cloud Read Team...

CISO2CISO Notepad Series

The sqreen DevSecOps Security Checklist

The sqreen DevSecOps Security Checklist

DevSecOps Guides – Comprehensive resource for integrating security into the software development by HADESS

DevSecOps Guides – Comprehensive resource...

81 Siem Very important Use Cases for your SOC by SPLUNK

81 Siem Very important Use...

NCSC Cyber Security for Small Business “SMEs” Guide.

NCSC Cyber Security for Small...

State of Kubernetes Security Report 2022 by RedHat

State of Kubernetes Security Report...

Marcos Jaimovich

Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich

Why do we compare a...

Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio

Security Operations Center (SOC) –...

Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams

Incident Response Playbooks & Workflows...

396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint

396 Use Cases & Siem...

Forrester - Allie Mellen

Adapt Or Die: XDR Is On A Collision Course With SIEM And SOAR – EDR Is Dead, Long Live XDR by Allie Mellen – Forrester

Adapt Or Die: XDR Is...

CYBER LEADERSHIP INTITUTE

CISO PLAYBOOK: FIRST 100 DAYS Setting the CISO up for success

CISO PLAYBOOK: FIRST 100 DAYS...

Unveiling the Breach!

Unveiling the Breach!

Unveiling the Cybersecurity Paradox

Unveiling the Cybersecurity Paradox

World Economic Forum

Unlocking Cyber Resiliencein Industrial Environments: Five Principles

Unlocking Cyber Resiliencein Industrial Environments:...

Understanding the latest CVSS 4.0

Understanding the latest CVSS 4.0

ministry of security

TYPES OF CYBER ATTACKS

TYPES OF CYBER ATTACKS

Event Codes for fun & profit

Event Codes for fun &...

TOP C&C METHODS

TOP C&C METHODS

Top 25 Penetration Testing Tools (2023)

Top 25 Penetration Testing Tools...

9 Waysto Prevent a Supply Chain Attackon Your CI/CD Server

9 Waysto Prevent a Supply...

DevSecOps Guide

Top System Programming Vulnerabilities

Top System Programming Vulnerabilities

DevSecOps Guide

Top Business Logic Vulnerability in Web

Top Business Logic Vulnerability in...

Top 25 Cybersecurity Frameworks to Consider for your cybersecurity program

Top 25 Cybersecurity Frameworks to...

IGNITE Technologies

Burpsuite for Pentester Course

Burpsuite for Pentester Course

Building Secure AWS Environments

Building Secure AWS Environments

Browser Attack Surface

Browser Attack Surface

Boletin de Ciberseguridad CSOC Claro Empresas

Boletin de Ciberseguridad CSOC Claro Empresas

BloodHood Unleashed

BloodHood Unleashed

BELGIUM INTERNATIONAL CHAMBER OF COMMERCE

Belgian Cyber Security Guide

Belgian Cyber Security Guide

Azure DevOps Security CheckList

Azure DevOps Security CheckList

AWS Best Practices for DDoS Resiliency

AWS Best Practices for DDoS Resiliency

osint - Open Source Intelligence

Awesome OSINT Open Source Intelligence

Awesome OSINT Open Source Intelligence

Awesome Cobalt BoF

Awesome Cobalt BoF

Audit Management Playbook

Audit Management Playbook

DevSecOps Guide

Attacking Against DevOps Environment

Attacking Against DevOps Environment

Attacking Active Directory Initial Attack Vectors

Attacking Active Directory Initial Attack Vectors

Threat Intel Roundup: Splunk, D0nut, DarkGate, SentinelAgent

Threat Intel Roundup: Splunk, D0nut, DarkGate, SentinelAgent

ministry of security

Threat Hunting vs Threat Assesssment

Threat Hunting vs Threat Assesssment

Cyborg Security

THREAT HUNTING FRAMEWORK

THREAT HUNTING FRAMEWORK

Threat Intel Roundup IIS, BLOODALCHEMY, Wordpad, CISCO

Threat Intel Roundup IIS, BLOODALCHEMY, Wordpad, CISCO

The SINET Risk Executive Handbook

The SINET Risk Executive Handbook

The 2014 Sony Hack and the Role of International Law

The 2014 Sony Hack and the Role of International Law

The Second Quantum Revolution

The Second Quantum Revolution

Unveiling the Path to Cybersecurity Excellence:

Unveiling the Path to Cybersecurity Excellence:

World Economic Forum

The Global Risks Report 2023

The Global Risks Report 2023

The path to digital leadership

The path to digital leadership

The Data Security Checklist for Business

The Data Security Checklist for Business

THE CYBER THREAT REPORT

THE CYBER THREAT REPORT

THE CTS CYBER ATTACK, MSP VULNERABILITIES EXPOSED

THE CTS CYBER ATTACK, MSP VULNERABILITIES EXPOSED

The Windows Hacker

The Windows Hacker

ATTACK CAMPAIGNS OF THE APT28 OPERATING MODE

ATTACK CAMPAIGNS OF THE APT28 OPERATING MODE