Explore key actionable metrics for SOC operations in this 27-minute conference talk from RSA Conference. Gain insights into detection, response, and automation metrics, as well as content engineering and agile methodology. Discover how to measure hunt and business alignment, and analyst skill development. Learn about the GQIM approach for deriving metrics from capabilities and its application to the SOC capability triad. Compare Kanban and Scrum methodologies in SOC operations, and understand the importance of Blue and Red Team metrics. Examine governance and PMO metrics to improve overall SOC performance. Apply these practical insights to enhance your organization's security operations center effectiveness.
SOC Metrics - Discovering the Key to SOC Nirvana
Overview
Syllabus
RSAConference 2020
Agenda/Motivations for this session
Some of the Metrics we will discuss today
Introducing GQIM-deriving metrics from capabilities
Using GQIM for SOC capability triad
SOC Operations
Kanban v/s Scrum
SOC Engineering & IT
Blue and Red Team
Governance and PMO Metric
Apply What You Have Learned Today
Taught by
RSA Conference
