Security Operations Center: Building, Operating, and Maintaining your SOC
- By Joseph Muniz, Gary McIntyre, Nadhem AlFardan
- Published Nov 2, 2015 by Cisco Press.
EPUB (Watermarked)
- Your Price: $50.59
- About Watermarked eBooks
This EPUB will be accessible from your Account page after purchase.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Also available in other formats.
- Copyright 2016
- Dimensions: 7-3/8" x 9-1/8"
- Pages: 448
- Edition: 1st
- EPUB (Watermarked)
- ISBN-10: 0-13-405203-X
- ISBN-13: 978-0-13-405203-8
Security Operations Center
Building, Operating, and Maintaining Your SOC
The complete, practical guide to planning, building, and operating an effective Security Operations Center (SOC)
Security Operations Center is the complete guide to building, operating, and managing Security Operations Centers in any environment. Drawing on experience with hundreds of customers ranging from Fortune 500 enterprises to large military organizations, three leading experts thoroughly review each SOC model, including virtual SOCs. You’ll learn how to select the right strategic option for your organization, and then plan and execute the strategy you’ve chosen.
Security Operations Center walks you through every phase required to establish and run an effective SOC, including all significant people, process, and technology capabilities. The authors assess SOC technologies, strategy, infrastructure, governance, planning, implementation, and more. They take a holistic approach considering various commercial and open-source tools found in modern SOCs.
This best-practice guide is written for anybody interested in learning how to develop, manage, or improve a SOC. A background in network security, management, and operations will be helpful but is not required. It is also an indispensable resource for anyone preparing for the Cisco SCYBER exam.
· Review high-level issues, such as vulnerability and risk management, threat intelligence, digital investigation, and data collection/analysis
· Understand the technical components of a modern SOC
· Assess the current state of your SOC and identify areas of improvement
· Plan SOC strategy, mission, functions, and services
· Design and build out SOC infrastructure, from facilities and networks to systems, storage, and physical security
· Collect and successfully analyze security data
· Establish an effective vulnerability management practice
· Organize incident response teams and measure their performance
· Define an optimal governance and staffing model
· Develop a practical SOC handbook that people can actually use
· Prepare SOC to go live, with comprehensive transition plans
· React quickly and collaboratively to security incidents
· Implement best practice security operations, including continuous enhancement and improvement
Table of Contents
- Chapter 1 Introduction to Security Operations and the SOC
- Chapter 2 Overview of SOC Technologies
- Chapter 3 Assessing Security Operations Capabilities
- Chapter 4 SOC Strategy
- Chapter 5 The SOC Infrastructure
- Chapter 6 Security Event Generation and Collection
- Chapter 7 Vulnerability Management
- Chapter 8 People and Processes
- Chapter 9 The Technology
- Chapter 10 Preparing to Operate
- Chapter 11 Reacting to Events and Incidents
- Chapter 12 Maintain, Review, and Improve