Overview
Learn how to establish and operate a one-person Security Operations Center (SOC) in this 38-minute conference talk from Derbycon 2012. Explore the definition and importance of a SOC, address common misconceptions, and discover practical steps to implement a SOC workflow. Gain insights into essential tools, solution building, maintenance, and testing procedures. Delve into crucial aspects such as threat modeling, monitoring, system and network hardening, web filtration, endpoint security, and incident response planning. Conclude with a live demonstration and access to contact information for further guidance.
Syllabus
Introduction
About Jamie Murdock
About Steve
What is SOC
SOC Definition
Why do you need a SOC
Who really cares
We don't have to worry
You don't have to worry
Users are the smartest people
Employees will never be a concern
Zombies
Loops
Automation
Where do I start
Create a workflow
Tools
Build a Solution
Maintenance
Testing Acceptance
Threat Modeling
Monitoring
System hardening
Network hardening
Web filtration
Endpoint security
Incident response
Response plan
Internal breach report
Live Demo
Contact Info