The Modern Security Operations Center
| AUTHOR | Frost, Moses; Santos, Omar; Lakhani, Aamir et al. |
| PUBLISHER | Addison-Wesley Professional (05/06/2021) |
| PRODUCT TYPE | Paperback (Paperback) |
The Industry Standard, Vendor-Neutral Guide to Managing SOCs and Delivering SOC Services
This completely new, vendor-neutral guide brings together all the knowledge you need to build, maintain, and operate a modern Security Operations Center (SOC) and deliver security services as efficiently and cost-effectively as possible.
Leading security architect Joseph Muniz helps you assess current capabilities, align your SOC to your business, and plan a new SOC or evolve an existing one. He covers people, process, and technology; explores each key service handled by mature SOCs; and offers expert guidance for managing risk, vulnerabilities, and compliance. Throughout, hands-on examples show how advanced red and blue teams execute and defend against real-world exploits using tools like Kali Linux and Ansible. Muniz concludes by previewing the future of SOCs, including Secure Access Service Edge (SASE) cloud technologies and increasingly sophisticated automation.
This guide will be indispensable for everyone responsible for delivering security services--managers and cybersecurity professionals alike.
Address core business and operational requirements, including sponsorship, management, policies, procedures, workspaces, staffing, and technology
Identify, recruit, interview, onboard, and grow an outstanding SOC team
Thoughtfully decide what to outsource and what to insource
Collect, centralize, and use both internal data and external threat intelligence
Quickly and efficiently hunt threats, respond to incidents, and investigate artifacts
Reduce future risk by improving incident recovery and vulnerability management
Apply orchestration and automation effectively, without just throwing money at them
Position yourself today for emerging SOC technologies
- All you need to know to effectively provide comprehensive security services through a modern SOC -- whether you're a manager, security professional, or network professional
- Covers the technical, people, process, and compliance issues required to make an SOC effective -- no matter whose technology you're using
- Includes full chapters on data centralization, data orchestration, threat intelligence, threat hunting, and many other key topics
- By three internationally renowned security, SOC, and networking experts
The Industry Standard, Vendor-Neutral Guide to Managing SOCs and Delivering SOC Services
This completely new, vendor-neutral guide brings together all the knowledge you need to build, maintain, and operate a modern Security Operations Center (SOC) and deliver security services as efficiently and cost-effectively as possible.
Leading security architect Joseph Muniz helps you assess current capabilities, align your SOC to your business, and plan a new SOC or evolve an existing one. He covers people, process, and technology; explores each key service handled by mature SOCs; and offers expert guidance for managing risk, vulnerabilities, and compliance. Throughout, hands-on examples show how advanced red and blue teams execute and defend against real-world exploits using tools like Kali Linux and Ansible. Muniz concludes by previewing the future of SOCs, including Secure Access Service Edge (SASE) cloud technologies and increasingly sophisticated automation.
This guide will be indispensable for everyone responsible for delivering security services--managers and cybersecurity professionals alike.
Address core business and operational requirements, including sponsorship, management, policies, procedures, workspaces, staffing, and technology
Identify, recruit, interview, onboard, and grow an outstanding SOC team
Thoughtfully decide what to outsource and what to insource
Collect, centralize, and use both internal data and external threat intelligence
Quickly and efficiently hunt threats, respond to incidents, and investigate artifacts
Reduce future risk by improving incident recovery and vulnerability management
Apply orchestration and automation effectively, without just throwing money at them
Position yourself today for emerging SOC technologies