SlideShare a Scribd company logo

Building a World-Class Proactive Integrated Security and Network Ops Center

Priyanka Aash
Priyanka Aash

The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions. (Source: RSA USA 2016-San Francisco)

1 of 35
Download to read offline
SESSION ID: #RSAC Hanna Sicker CISM, CISSP Building a World-Class Proactive Integrated Security & Network Operations Center SNOC AIR-T11 Security & Network Operations SNOC Sr. Mgr. StubHub/eBay @snocgirl
#RSAC Operations Leaders (Security & Network)
#RSAC Service Unavailable…
#RSAC We Did it!
#RSAC SNOC Impact on Uptime & CSS Year 2011 Year 2012 Year 2013 Year 2014 Year 2015 99.95% 99.97% 99.99%99.90% 98.00% CSS * CSS: Customer Satisfaction Score
#RSAC How…
#RSAC Typical NOC & SOC Challenges
#RSAC How We Overcame the Challenges
#RSAC Break the Rules Say “NO” to Traditional Tiered Model
#RSAC SNOC IRP (Incident Response Process) Visibility Detection Analysis Investigation Response Remediation SLA Change Mgt. Process
#RSAC IRP – Step 1
#RSAC IRP – Step 2
#RSAC IRP – Step 3
#RSAC Proactive Integrated SNOC Framework Mgt. Team Tools BIC Services Reports Reinvest Recognize Enable
#RSAC Building a Winning Team
#RSAC Detailed SNOC Framework – Team Stage 1 • Quick impact - utilize the existing structure Stage 2 • Optimize & emphasize on quality Stage 3 • Identify & hire talent Stage 4 • Empower the team & remove the tiers Stage 5 • Team development life cycle - TDLC
#RSAC Stage 1 – Quick Impact (2 mo.)
#RSAC Stage 2 – Optimize & Emphasize on Quality
#RSAC Stage 3 – Identify & Hire Talent Round out the team puzzle
#RSAC Stage 4 – Empower the Team
#RSAC Stage 5 - Team Development Life Cycle - TDLC Train Mentor Coach Hire Talent Process Cross Train Enable Engage Quality
#RSAC Detailed SNOC Framework – Tools Stage 1 • Utilize Stage 2 • Optimize Stage 3 • Automate
#RSAC Finding the Right Tools
#RSAC SNOC Framework – BIC Services Our Formula BIC Services = Business Objectives = Customer Satisfaction Score (CSS) + Revenue ($) + Team Defined Goals (*APS) APS = Availability + Performance + Security Quick results without initial Mgt support = Team + Existing Tools + Reports
#RSAC SNOC Framework – Management Our Formula Increased demonstrated value = increased Mgt support (IMS) IMS = Recognition + Reinvestment
#RSAC Our Key to Success
#RSAC Team Characteristics
#RSAC Right Architecture - Security Layers 3rd Parties Tokenization Fraud detection WAF Client reputation Customized rules Bot detection IDS IPS SIEMPacket capture Bot detection WAF Vulnerability mgt. Fraud protection Data Activity Monitoring Log mgt.
#RSAC Use Case – Reducing ATOs
#RSAC SNOC Benefits & Future Challenges
#RSAC Apply If you are in the process of building a SOC, and you have an existing NOC, utilize your existing NOC team and transition them to become SNOC. Recognize similar functions between NOC & SOC and combine them. Before obtaining Mgt. commitment, focus on your team as the core component to build successful SNOC.
#RSAC Apply When you add new members, focus on character and culture fit. Try to round out the team puzzle. Do not pay for expertise; grow your own (entry level but highly motivated and trainable). Lead from the front Build alliances with other teams across all departments & learn from their key players.
#RSAC Apply Understand your business goals, traffic and users. Filter your traffic at the edge and protect at all layers. Shield your data center - If your business does B2C then any cloud services who host businesses can be blocked. If your clients are within a specific geographic area, then block all other countries/areas that you do not do business with. To reduce ATOs & attacks, create WAF rules based on your traffic & customers’ behavior.
#RSAC Apply – Cont. Utilize & optimize your and other teams’ existing tools. If no tools are available, then automate processes using scripts written by one of your own or another team’s members. Tune out false positive alerts and train the team to tune and modify the thresholds. Check if the NOC has tools that are applicable for SOC usage. Example: If the NOC is using a network performance monitoring tools, check to see if the tools can perform full packet capture.
#RSAC Let’s work together My contact info: Hanna Sicker hsicker@stubhub.com Twitter: @SNOCgirl

Recommended

Soc
SocSoc
Soc
Mukesh Chaudhari
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
AlienVault
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Network operations center (noc)
Network operations center (noc)Network operations center (noc)
Network operations center (noc)
Elena Benson
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in Depth
Ken Tulegenov
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for Dummies
Atif Ghauri
 
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault
 

Recommended

Soc
SocSoc
Soc
Mukesh Chaudhari
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
AlienVault
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Network operations center (noc)
Network operations center (noc)Network operations center (noc)
Network operations center (noc)
Elena Benson
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in Depth
Ken Tulegenov
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
Priyanka Aash
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for Dummies
Atif Ghauri
 
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP'sAlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault MSSP Overview - A Different Approach to Security for MSSP's
AlienVault
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSP
Huntsman Security
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key Considerations
Sirius
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
Atif Ghauri
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
Priyanka Aash
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint Security
Burak DAYIOGLU
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Skill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOCSkill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOC
Fuad Khan
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources
LogRhythm
 
CO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSPCO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSP
Alex Himmelberg
 
Security operation center
Security operation centerSecurity operation center
Security operation center
MuthuKumaran267
 
ISS CAPSTONE TEAM
ISS CAPSTONE TEAMISS CAPSTONE TEAM
ISS CAPSTONE TEAM
Jonathan Fuller
 
Managed it business leader ppt
Managed it business leader pptManaged it business leader ppt
Managed it business leader ppt
BimadRajSinha1
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
Rasmi Swain
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
Damon Small
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
Priyanka Aash
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
Digital Bond
 
Determining Scope for PCI DSS Compliance
Determining Scope for PCI DSS ComplianceDetermining Scope for PCI DSS Compliance
Determining Scope for PCI DSS Compliance
Schellman & Company
 
Best practices for building network operations center
Best practices for building network operations centerBest practices for building network operations center
Best practices for building network operations center
Satish Chavan
 
Network Operations Center - Marlabs
Network Operations Center - MarlabsNetwork Operations Center - Marlabs
Network Operations Center - Marlabs
Marlabs
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
Sridhar Karnam
 

More Related Content

What's hot

5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSP
Huntsman Security
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key Considerations
Sirius
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
Atif Ghauri
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
Priyanka Aash
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint Security
Burak DAYIOGLU
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Skill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOCSkill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOC
Fuad Khan
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources
LogRhythm
 
CO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSPCO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSP
Alex Himmelberg
 
Security operation center
Security operation centerSecurity operation center
Security operation center
MuthuKumaran267
 
ISS CAPSTONE TEAM
ISS CAPSTONE TEAMISS CAPSTONE TEAM
ISS CAPSTONE TEAM
Jonathan Fuller
 
Managed it business leader ppt
Managed it business leader pptManaged it business leader ppt
Managed it business leader ppt
BimadRajSinha1
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
Rasmi Swain
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
Damon Small
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
Priyanka Aash
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
Digital Bond
 
Determining Scope for PCI DSS Compliance
Determining Scope for PCI DSS ComplianceDetermining Scope for PCI DSS Compliance
Determining Scope for PCI DSS Compliance
Schellman & Company
 
Best practices for building network operations center
Best practices for building network operations centerBest practices for building network operations center
Best practices for building network operations center
Satish Chavan
 

What's hot (20)

5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSP
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key Considerations
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
 
Cloud Breach – Preparation and Response
Cloud Breach – Preparation and ResponseCloud Breach – Preparation and Response
Cloud Breach – Preparation and Response
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint Security
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Skill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOCSkill Set Needed to work successfully in a SOC
Skill Set Needed to work successfully in a SOC
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources7 Steps to Build a SOC with Limited Resources
7 Steps to Build a SOC with Limited Resources
 
CO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSPCO$T BENEFIT OF MSSP
CO$T BENEFIT OF MSSP
 
Security operation center
Security operation centerSecurity operation center
Security operation center
 
ISS CAPSTONE TEAM
ISS CAPSTONE TEAMISS CAPSTONE TEAM
ISS CAPSTONE TEAM
 
Managed it business leader ppt
Managed it business leader pptManaged it business leader ppt
Managed it business leader ppt
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
 
Determining Scope for PCI DSS Compliance
Determining Scope for PCI DSS ComplianceDetermining Scope for PCI DSS Compliance
Determining Scope for PCI DSS Compliance
 
Best practices for building network operations center
Best practices for building network operations centerBest practices for building network operations center
Best practices for building network operations center
 

Viewers also liked

Network Operations Center - Marlabs
Network Operations Center - MarlabsNetwork Operations Center - Marlabs
Network Operations Center - Marlabs
Marlabs
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
Sridhar Karnam
 
NETWORK OPERATION CENTER
NETWORK OPERATION CENTERNETWORK OPERATION CENTER
NETWORK OPERATION CENTER
Rolando Rodriguez
 
Network Operation Center Best Practices
Network Operation Center Best PracticesNetwork Operation Center Best Practices
Network Operation Center Best Practices
Ayehu Software Technologies Ltd.
 
Network Monitoring & Alarming
Network Monitoring & Alarming Network Monitoring & Alarming
Network Monitoring & Alarming
Anuson K
 
Demystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesDemystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use Cases
Priyanka Aash
 
AccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC ConvergenceAccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC Convergence
Stephen Tsuchiyama
 
SOC/NOC Convergence by Spire Research
SOC/NOC Convergence by Spire ResearchSOC/NOC Convergence by Spire Research
SOC/NOC Convergence by Spire Research
AccelOps
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
Sridhar Karnam
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
kevin_donovan
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
Ben Rothke
 
SIEM and SOC
SIEM and SOCSIEM and SOC
SIEM and SOC
Abolfazl Naderi
 
Practioners Guide to SOC
Practioners Guide to SOCPractioners Guide to SOC
Practioners Guide to SOC
AlienVault
 
Netrac Fault Management Solution
Netrac Fault Management SolutionNetrac Fault Management Solution
Netrac Fault Management Solution
Perceptio
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Monitoring and Log Management for
Monitoring and Log Management forMonitoring and Log Management for
Monitoring and Log Management for
Sematext Group, Inc.
 
Image processing Presentation
Image processing PresentationImage processing Presentation
Image processing Presentation
Valia koonambaikulathamma college of engineering and technology
 
Basics of Image Processing using MATLAB
Basics of Image Processing using MATLABBasics of Image Processing using MATLAB
Basics of Image Processing using MATLAB
vkn13
 
Network Operations Center
Network Operations Center Network Operations Center
Network Operations Center
Muhannad Kalbouneh
 

Viewers also liked (20)

Network Operations Center - Marlabs
Network Operations Center - MarlabsNetwork Operations Center - Marlabs
Network Operations Center - Marlabs
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
 
NETWORK OPERATION CENTER
NETWORK OPERATION CENTERNETWORK OPERATION CENTER
NETWORK OPERATION CENTER
 
Network Operation Center Best Practices
Network Operation Center Best PracticesNetwork Operation Center Best Practices
Network Operation Center Best Practices
 
Network Monitoring & Alarming
Network Monitoring & Alarming Network Monitoring & Alarming
Network Monitoring & Alarming
 
Demystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesDemystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use Cases
 
AccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC ConvergenceAccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC Convergence
 
SOC/NOC Convergence by Spire Research
SOC/NOC Convergence by Spire ResearchSOC/NOC Convergence by Spire Research
SOC/NOC Convergence by Spire Research
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
SIEM and SOC
SIEM and SOCSIEM and SOC
SIEM and SOC
 
GBM Network Operation Center
GBM Network Operation CenterGBM Network Operation Center
GBM Network Operation Center
 
Practioners Guide to SOC
Practioners Guide to SOCPractioners Guide to SOC
Practioners Guide to SOC
 
Netrac Fault Management Solution
Netrac Fault Management SolutionNetrac Fault Management Solution
Netrac Fault Management Solution
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Monitoring and Log Management for
Monitoring and Log Management forMonitoring and Log Management for
Monitoring and Log Management for
 
Image processing Presentation
Image processing PresentationImage processing Presentation
Image processing Presentation
 
Basics of Image Processing using MATLAB
Basics of Image Processing using MATLABBasics of Image Processing using MATLAB
Basics of Image Processing using MATLAB
 
Network Operations Center
Network Operations Center Network Operations Center
Network Operations Center
 

Similar to Building a World-Class Proactive Integrated Security and Network Ops Center

digitaliKa | White Paper
digitaliKa | White PaperdigitaliKa | White Paper
digitaliKa | White Paper
Nicolas Schobinger
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
retheauditors
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
Cybersecurity model and top cloud security controls for product development e...
Cybersecurity model and top cloud security controls for product development e...Cybersecurity model and top cloud security controls for product development e...
Cybersecurity model and top cloud security controls for product development e...
James DeLuccia IV
 
resume
resumeresume
resume
vel murugan
 
IT Technical Support Manager
IT Technical Support ManagerIT Technical Support Manager
IT Technical Support Manager
waseem ahmed
 
Software Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring SecuritySoftware Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring Security
Thomas Malmberg
 
SAP Managed Services – Picking The Perfect Partner - Techwave.pdf
SAP Managed Services – Picking The Perfect Partner - Techwave.pdfSAP Managed Services – Picking The Perfect Partner - Techwave.pdf
SAP Managed Services – Picking The Perfect Partner - Techwave.pdf
Anil
 
Securing 100 products - How hard can it be?
Securing 100 products - How hard can it be?Securing 100 products - How hard can it be?
Securing 100 products - How hard can it be?
Priyanka Aash
 
Getting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedGetting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-converged
Synapse360
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Priyanka Aash
 
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure CloudEspion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
Google
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
Priyanka Aash
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
Priyanka Aash
 
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitiveCisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Canada
 
SaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud CapabilitySaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud Capability
mobiangle
 
Sundarapandiyan Updated Profile (1)
Sundarapandiyan Updated Profile (1)Sundarapandiyan Updated Profile (1)
Sundarapandiyan Updated Profile (1)
Sundarapandiyan Mohan
 
Microservices With SenecaJS
Microservices With SenecaJSMicroservices With SenecaJS
Microservices With SenecaJS
Designveloper
 
SAP Landscape Security
SAP Landscape SecuritySAP Landscape Security
SAP Landscape Security
Joachim Kaland
 
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
Paula Januszkiewicz
 

Similar to Building a World-Class Proactive Integrated Security and Network Ops Center (20)

digitaliKa | White Paper
digitaliKa | White PaperdigitaliKa | White Paper
digitaliKa | White Paper
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
 
Cybersecurity model and top cloud security controls for product development e...
Cybersecurity model and top cloud security controls for product development e...Cybersecurity model and top cloud security controls for product development e...
Cybersecurity model and top cloud security controls for product development e...
 
resume
resumeresume
resume
 
IT Technical Support Manager
IT Technical Support ManagerIT Technical Support Manager
IT Technical Support Manager
 
Software Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring SecuritySoftware Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring Security
 
SAP Managed Services – Picking The Perfect Partner - Techwave.pdf
SAP Managed Services – Picking The Perfect Partner - Techwave.pdfSAP Managed Services – Picking The Perfect Partner - Techwave.pdf
SAP Managed Services – Picking The Perfect Partner - Techwave.pdf
 
Securing 100 products - How hard can it be?
Securing 100 products - How hard can it be?Securing 100 products - How hard can it be?
Securing 100 products - How hard can it be?
 
Getting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedGetting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-converged
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security Headaches
 
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure CloudEspion and SureSkills Presentation - Your Journey To A Secure Cloud
Espion and SureSkills Presentation - Your Journey To A Secure Cloud
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitiveCisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitive
 
SaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud CapabilitySaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud Capability
 
Sundarapandiyan Updated Profile (1)
Sundarapandiyan Updated Profile (1)Sundarapandiyan Updated Profile (1)
Sundarapandiyan Updated Profile (1)
 
Microservices With SenecaJS
Microservices With SenecaJSMicroservices With SenecaJS
Microservices With SenecaJS
 
SAP Landscape Security
SAP Landscape SecuritySAP Landscape Security
SAP Landscape Security
 
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
Priyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
Priyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Priyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
Priyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
Priyanka Aash
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Priyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
Priyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
Priyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
Priyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
Priyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
Priyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Priyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Priyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Tatiana Kojar
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 

Recently uploaded (20)

GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 

Building a World-Class Proactive Integrated Security and Network Ops Center

  • 1. SESSION ID: #RSAC Hanna Sicker CISM, CISSP Building a World-Class Proactive Integrated Security & Network Operations Center SNOC AIR-T11 Security & Network Operations SNOC Sr. Mgr. StubHub/eBay @snocgirl
  • 5. #RSAC SNOC Impact on Uptime & CSS Year 2011 Year 2012 Year 2013 Year 2014 Year 2015 99.95% 99.97% 99.99%99.90% 98.00% CSS * CSS: Customer Satisfaction Score
  • 7. #RSAC Typical NOC & SOC Challenges
  • 8. #RSAC How We Overcame the Challenges
  • 9. #RSAC Break the Rules Say “NO” to Traditional Tiered Model
  • 10. #RSAC SNOC IRP (Incident Response Process) Visibility Detection Analysis Investigation Response Remediation SLA Change Mgt. Process
  • 14. #RSAC Proactive Integrated SNOC Framework Mgt. Team Tools BIC Services Reports Reinvest Recognize Enable
  • 16. #RSAC Detailed SNOC Framework – Team Stage 1 • Quick impact - utilize the existing structure Stage 2 • Optimize & emphasize on quality Stage 3 • Identify & hire talent Stage 4 • Empower the team & remove the tiers Stage 5 • Team development life cycle - TDLC
  • 17. #RSAC Stage 1 – Quick Impact (2 mo.)
  • 18. #RSAC Stage 2 – Optimize & Emphasize on Quality
  • 19. #RSAC Stage 3 – Identify & Hire Talent Round out the team puzzle
  • 20. #RSAC Stage 4 – Empower the Team
  • 21. #RSAC Stage 5 - Team Development Life Cycle - TDLC Train Mentor Coach Hire Talent Process Cross Train Enable Engage Quality
  • 22. #RSAC Detailed SNOC Framework – Tools Stage 1 • Utilize Stage 2 • Optimize Stage 3 • Automate
  • 24. #RSAC SNOC Framework – BIC Services Our Formula BIC Services = Business Objectives = Customer Satisfaction Score (CSS) + Revenue ($) + Team Defined Goals (*APS) APS = Availability + Performance + Security Quick results without initial Mgt support = Team + Existing Tools + Reports
  • 25. #RSAC SNOC Framework – Management Our Formula Increased demonstrated value = increased Mgt support (IMS) IMS = Recognition + Reinvestment
  • 26. #RSAC Our Key to Success
  • 28. #RSAC Right Architecture - Security Layers 3rd Parties Tokenization Fraud detection WAF Client reputation Customized rules Bot detection IDS IPS SIEMPacket capture Bot detection WAF Vulnerability mgt. Fraud protection Data Activity Monitoring Log mgt.
  • 29. #RSAC Use Case – Reducing ATOs
  • 30. #RSAC SNOC Benefits & Future Challenges
  • 31. #RSAC Apply If you are in the process of building a SOC, and you have an existing NOC, utilize your existing NOC team and transition them to become SNOC. Recognize similar functions between NOC & SOC and combine them. Before obtaining Mgt. commitment, focus on your team as the core component to build successful SNOC.
  • 32. #RSAC Apply When you add new members, focus on character and culture fit. Try to round out the team puzzle. Do not pay for expertise; grow your own (entry level but highly motivated and trainable). Lead from the front Build alliances with other teams across all departments & learn from their key players.
  • 33. #RSAC Apply Understand your business goals, traffic and users. Filter your traffic at the edge and protect at all layers. Shield your data center - If your business does B2C then any cloud services who host businesses can be blocked. If your clients are within a specific geographic area, then block all other countries/areas that you do not do business with. To reduce ATOs & attacks, create WAF rules based on your traffic & customers’ behavior.
  • 34. #RSAC Apply – Cont. Utilize & optimize your and other teams’ existing tools. If no tools are available, then automate processes using scripts written by one of your own or another team’s members. Tune out false positive alerts and train the team to tune and modify the thresholds. Check if the NOC has tools that are applicable for SOC usage. Example: If the NOC is using a network performance monitoring tools, check to see if the tools can perform full packet capture.
  • 35. #RSAC Let’s work together My contact info: Hanna Sicker hsicker@stubhub.com Twitter: @SNOCgirl