Table of Contents for
The Modern Security Operations Center
Cover Page
About This eBook
Title Page
Copyright Page
Dedication
Table of Contents
Preface
Vision
Who Should Read This Book?
How This Book Is Organized
Book Structure
We Want to Hear from You!
Reader Services
Acknowledgments
About the Author
Figure Credits
Chapter 1. Introducing Security Operations and the SOC
Introducing the SOC
Factors Leading to a Dysfunctional SOC
Cyberthreats
Investing in Security
The Impact of a Breach
Establishing a Baseline
Fundamental Security Capabilities
Standards, Guidelines, and Frameworks
Industry Threat Models
Vulnerabilities and Risk
Business Challenges
In-House vs. Outsourcing
SOC Services
SOC Maturity Models
SOC Goals Assessment
SOC Capabilities Assessment
SOC Development Milestones
Summary
References
Chapter 2. Developing a Security Operations Center
Mission Statement and Scope Statement
Developing a SOC
SOC Procedures
Security Tools
Planning a SOC
Designing a SOC Facility
Network Considerations
Disaster Recovery
Security Considerations
Internal Security Tools
Guidelines and Recommendations for Securing Your SOC Network
SOC Tools
Summary
References
Chapter 3. SOC Services
Fundamental SOC Services
The Three Pillars of Foundational SOC Support Services
SOC Service Areas
SOC Service Job Goals
Service Maturity: If You Build It, They Will Come
SOC Service 1: Risk Management
SOC Service 2: Vulnerability Management
SOC Service 3: Compliance
SOC Service 4: Incident Management
SOC Service 5: Analysis
SOC Service 6: Digital Forensics
SOC Service 7: Situational and Security Awareness
SOC Service 8: Research and Development
Summary
References
Chapter 4. People and Process
Career vs. Job
Developing Job Roles
SOC Job Roles
NICE Cybersecurity Workforce Framework
Role Tiers
SOC Services and Associated Job Roles
Soft Skills
Security Clearance Requirements
Pre-Interviewing
Interviewing
Onboarding Employees
Managing People
Job Retention
Training
Certifications
Company Culture
Summary
References
Chapter 5. Centralizing Data
Data in the SOC
Data-Focused Assessment
Logs
Security Information and Event Management
Troubleshooting SIEM Logging
APIs
Big Data
Machine Learning
Summary
References
Chapter 6. Reducing Risk and Exceeding Compliance
Why Exceeding Compliance
Policies
Launching a New Policy
Policy Enforcement
Procedures
Tabletop Exercise
Standards, Guidelines, and Frameworks
Audits
Assessments
Penetration Test
Industry Compliance
Summary
References
Chapter 7. Threat Intelligence
Threat Intelligence Overview
Threat Intelligence Categories
Threat Intelligence Context
Evaluating Threat Intelligence
Planning a Threat Intelligence Project
Collecting and Processing Intelligence
Actionable Intelligence
Feedback
Summary
References
Chapter 8. Threat Hunting and Incident Response
Security Incidents
Incident Response Lifecycle
Phase 1: Preparation
Phase 2: Detection and Analysis
Phase 3: Containment, Eradication, and Recovery
Digital Forensics
Phase 4: Post-Incident Activity
Incident Response Guidelines
Summary
References
Chapter 9. Vulnerability Management
Vulnerability Management
Measuring Vulnerabilities
Vulnerability Technology
Vulnerability Management Service
Vulnerability Response
Vulnerability Management Process Summarized
Summary
References
Chapter 10. Data Orchestration
Introduction to Data Orchestration
Security Orchestration, Automation, and Response
Endpoint Detection and Response
Playbooks
Automation
DevOps Programming
DevOps Tools
Blueprinting with Osquery
Network Programmability
Cloud Programmability
Summary
References
Chapter 11. Future of the SOC
All Eyes on SD-WAN and SASE
IT Services Provided by the SOC
Future of Training
Full Automation with Machine Learning
Future of Your SOC: Bringing It All Together
Summary
References
Index