What is the SOC and why is it important? This booklet provides a brief overview of the 11 Strategies of a World-Class Cybersecurity Operations Center. It...
Category: SOC
OPEN SOURCE SOC TOOLS BY BONI YEAMIN
Contents:
Incident Management Systems (p. 1)
Network Security Monitoring (p. 2)
Endpoint Monitoring / HIDS (p. 3)
Incident Response (p. 3)
Malware Sandbox and Malware Analysis (p. 3)
Threat Intelligence Platforms (p. 4)
Purple Team Testing and Reporting (p. 5)
Security Orchestration, Automation and Response (p. 8)
Definitive Guide to SOC as a Service – The Essential Elements of Advanced Threat Detection and Response by Crystal Bedell and Mark Bouchard – ARCTIC WOLF
Enterprise security has changed radically over the last 10 years. Antivirus and spam filters no longer provide adequate protection. Attackers bypass preventive controls and access networks...
Windows Event Security Log Analysis
Contents:
Introduction (p. 2)
Event Log Format (p. 3)
Account Management Events (p. 4)
Account Logon and Logon Events (p. 5)
Access to Shared Objects (p. 11)
Scheduled Task Logging (p. 12)
Object...
Security Operations Center – A Business Perspective by Aristeidis Michail
Introduction. The information security landscape has shifted tremendously over the past decade. Information security threats have been increasing exponentially, both in number and in complexity. To...
Five Automation Use Cases for Splunk SOAR by Splunk – Alert Enrichment, Phishing Investigation & Response, Endpoint Malware Triage, Command & Control Investigation & Containment, Threat Intelligence.
The security operations center (SOC) is constantly overwhelmed. Analysts are drowning in security alerts, with far too many threats to investigate and resolve. Security operations work...
The SOC of the Future by Jeffrey Wheat (Lumu's CTO)
Published at: https://lumu.io/blog/soc-of-the-future/ Lumu's recently appointed Field CTO Jeffrey Wheat looks at the future of the SOC and how incremental improvement leads to proficient operations. Beginning...
The State of SIEM Detection Risk 2022 Report – Quantifying the gaps in MITRE ATT&CK coverage for production SIEMs
EXECUTIVE SUMMARY “Use cases are the core of security monitoring activities. A structured process to identify, prioritize, implement, and maintain use cases allows organizations to align...
A Complete Guide to Modernizing your Security Operations Centers (SOCs) by Microsoft and CyberProof
Introduction. Having a security operations center (SOC) is no longer a privilege of large organizations. With growing cyber attacks and a changing technology landscape, all companies are...
7 Best Reasons to be a CISO by Michael Hill, UK Editor, CSO
https://www.csoonline.com/article/3669473/7-best-reasons-to-be-a-ciso.html The job of the CISO can be tough, with its share of challenges, difficulties and complications. A CISO's trials and tribulations include responsibility for protecting...