A Strategy towards an Effective SOC - Manoj Purandare
Effective Security Operations Centre SOC building - by Manoj Purandare
This article presents a strategy for building an
effective SOC using its 4 major building blocks and an 11-step
recipe, for the safety and security of organisations and governments.
I - Background - Information Technology continues to evolve at a rapid pace. This article
describes a structured approach toward the formation of a government SOC that enables
organizations to integrate this capability into their overall Information Security Management
System (ISMS) and align with many of the requirements introduced by ISO/IEC 27001:2013.
So, why do we need a SOC?
II - Creating the Roadmap – Since you can’t build a world-class SOC overnight, creating a
plan for incremental phases of implementation is critical to success.
• Budget
• Timelines
• What goes into such a roadmap?
• What comes first and what next?
• The goal should be to execute regular incremental improvements based on your completed
gap analysis and to establish a series of prioritized milestones that lead the
organization towards optimized security and improved incident detection and
response.
• You need:
  • The Right People
  • The Required Process
  • The ever updating and precise Technology
  • The Platform
  • The Proactive and Real Time – Threat Intelligence
Let us see a basic design flow of the SOC requirements below:
The gaps you uncover in that analysis can be translated into goals. Budget, personnel and
cultural constraints require that new processes and technologies be implemented in stages.
The Required SOC team members & their roles and responsibilities
1. The Right People
In addition to SOC analysts, a security operations center requires a ringmaster for its
many moving parts. The SOC manager often fights fires, within and outside of the SOC.
The SOC manager is responsible for prioritizing work and organizing resources with the
ultimate goal of detecting, investigating and mitigating incidents that could impact the
business. A typical SOC organization is illustrated in Figure 2.
The SOC Org Chart: The SOC manager should develop a workflow model and implement
standardized operating procedures (SOPs) for the incident-handling process that guides
analysts through triage and response procedures.
2. The required Processes
The Collective SOC Team.
Since not all skills and attributes will likely be found within each individual, capabilities
should be balanced across the SOC. Each shift should have a blend of skills and
temperaments, including “people” people; analysts that can communicate effectively with
the IT service provider or the organizational workforce.
Escalation and Complexity.
Every service will require graduated skill levels, and some services require a more
experienced “junior” level analyst than others. Staff shifts with a mix of experience levels
and seniority.
Advancement and Rotation.
• Establish growth paths for every position within the SOC.
• You will also need to plan for training and professional development
• Growth and training opportunities will help retain a professional workforce.
Trust Level.
• SOC analysts will have regular access to highly sensitive organizational information.
Implement thorough regulations that require special background checks for people
with elevated access to IT systems.
3. The ever updating and precise Technology
4. The Platform:
The platform combines known and unknown (advanced) threat detection and prevention, URL filtering,
and mobile security, correlates all of these security functions, and protects the
datacenter and the network perimeter.
The platform enables the government agency to take a whitelisting approach to its
applications, with the ability to segment government agencies.
Alerts are drastically reduced, significantly reducing the workload for the SOC analyst.
You may also need to consider other controls, such as the SOC Layered Security Controls and
the Physical Security Controls:
Beyond this, we need to be prepared with our SOC Service Catalogue, which gives
a clear picture of the SOC's business operation and the facilities available to a customer:
Initially, we have to define the various SOC key tools, their integration, and how they work together.
5. The Proactive and Real Time - Threat Intelligence
Mature SOCs continually develop the capability to consume and leverage threat
intelligence from their past incidents and from information-sharing sources.
According to the 2015 SANS Cyberthreat Intelligence (CTI) Survey, 69% of respondents
reported that their organization implemented some cyberthreat intelligence capability,
with 27% indicating that their teams fully embrace the concept of CTI and integrated
response procedures across systems and staff.
Obstacles to Efficient SOC Incident Handling
To achieve efficient incident handling, the SOC must avoid bottlenecks in the IR process
that moves incidents through Tier 1, into Tier 2, and finally through Tier 3.
Bottlenecks can occur due to too much “white noise,” alerts of little consequence or
false-positives that lead to analyst “alert fatigue.”
Understanding of the government’s enterprise network topology, including all
connections (Internet, mission partners, cloud providers, vendor specific, etc.) is
needed for an understanding of attack vectors.
No intelligence exists without visibility—visibility across the whole network, including
endpoints, for all applications, all content, and all users.
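As an added illustration of the Tier 1 → Tier 2 → Tier 3 flow, of the "white noise" bottleneck described above, and of the whitelisting-driven alert reduction from the platform section (example code written for this page, not from the original deck or the vendor platform it mentions), here is a minimal triage pass in Python; the asset inventory, allowlist, scoring weights, tier thresholds and alerts are all constructed assumptions:

```python
"""Added illustration (not from the original deck): a minimal Tier-1 triage
pass that removes "white noise" before alerts reach a human analyst.
Stages: (1) suppress allowlisted, known-benign (source, rule) pairs,
(2) collapse repeats of the same alert inside a time window into one incident,
(3) add asset context and route the survivors to Tier 1/2/3 by a score.
Everything below (assets, allowlist, weights, alerts) is constructed sample data."""
from dataclasses import dataclass

# Constructed asset inventory: hostname -> (criticality 1-3, owning team)
ASSETS = {
    "dc01": (3, "identity-team"),
    "web01": (2, "web-team"),
    "lab-vm07": (1, "research"),
}

# Constructed allowlist: (source, rule) pairs known to be benign, e.g. the
# internal vulnerability scanner tripping scan/brute-force signatures on schedule.
ALLOWLIST = {("10.0.5.20", "port_scan"), ("10.0.5.20", "ssh_brute")}

# Assumed severity weights; any monotonic mapping would do for the demo.
SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass
class Alert:
    ts: int          # seconds since epoch (constructed)
    src: str         # source address as reported by the sensor
    host: str        # affected / destination host
    rule: str        # detection rule name
    severity: str    # key into SEVERITY


@dataclass
class Incident:
    alert: Alert             # first alert in the group
    count: int = 1           # how many raw alerts were collapsed into it
    asset_criticality: int = 0
    owner: str = "unknown"
    score: int = 0
    tier: int = 1            # analyst tier the incident is routed to


def suppress_allowlisted(alerts):
    """Stage 1: drop alerts whose (source, rule) pair is on the allowlist."""
    return [a for a in alerts if (a.src, a.rule) not in ALLOWLIST]


def aggregate(alerts, window=300):
    """Stage 2: alerts sharing (src, host, rule) within `window` seconds of the
    first occurrence become one Incident with an incremented count."""
    buckets = {}
    incidents = []
    for a in sorted(alerts, key=lambda x: x.ts):
        key = (a.src, a.host, a.rule)
        inc = buckets.get(key)
        if inc is not None and a.ts - inc.alert.ts <= window:
            inc.count += 1
        else:
            inc = Incident(alert=a)
            buckets[key] = inc
            incidents.append(inc)
    return incidents


def enrich_and_route(incidents):
    """Stage 3: attach asset context, score = severity * criticality (+1 for a
    burst of 5 or more), then route by assumed thresholds: >=9 Tier 3, >=5 Tier 2."""
    for inc in incidents:
        crit, owner = ASSETS.get(inc.alert.host, (1, "unknown"))
        inc.asset_criticality, inc.owner = crit, owner
        inc.score = SEVERITY[inc.alert.severity] * crit + (1 if inc.count >= 5 else 0)
        inc.tier = 3 if inc.score >= 9 else 2 if inc.score >= 5 else 1
    return incidents


def triage(alerts, window=300):
    """Run all three stages and return the incidents in time order."""
    return enrich_and_route(aggregate(suppress_allowlisted(alerts), window))


def noise_reduction(alerts, window=300):
    """Fraction of raw alerts that never reach an analyst queue as a separate item."""
    return 1 - len(triage(alerts, window)) / len(alerts)


# Constructed sample: scanner noise, a burst of the same web attack, one
# high-value hit on the domain controller, one beacon from a lab machine.
SAMPLE = [
    Alert(100, "10.0.5.20", "web01", "port_scan", "low"),
    Alert(101, "10.0.5.20", "dc01", "port_scan", "low"),
    Alert(102, "10.0.5.20", "dc01", "ssh_brute", "medium"),
    *[Alert(200 + i, "203.0.113.9", "web01", "sqli_attempt", "medium") for i in range(6)],
    Alert(400, "203.0.113.9", "dc01", "kerberoast", "critical"),
    Alert(5000, "198.51.100.4", "lab-vm07", "malware_beacon", "high"),
]

if __name__ == "__main__":
    for inc in triage(SAMPLE):
        print(f"Tier {inc.tier}  score={inc.score:<2} x{inc.count} "
              f"{inc.alert.rule} on {inc.alert.host} ({inc.owner})")
    print(f"noise reduction: {noise_reduction(SAMPLE):.0%}")
```

With the constructed sample, 11 raw alerts become 3 incidents: the scanner's alerts are suppressed, the six web-attack alerts collapse into one Tier 2 incident, the domain-controller hit routes straight to Tier 3, and the lab-machine beacon stays at Tier 1.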
Employing a platform similar to the Palo Alto Networks platform, including
network and endpoint visibility and threat prevention, can significantly increase that
visibility and subsequently accelerate the SOC’s intelligence capability.
The Palo Alto Networks platform detects ever changing threats, but more importantly
provides the ability to prevent them as soon as possible, ideally before they have
detonated on the network.
All insights feed onboard signature creation to detect and prevent future attacks. We
can accomplish this in a flexible and extensible platform that enables uniform
protection across traditional infrastructure at the network edge, the cloud and mobile
devices.
So define your road map clearly.
III. The SOC Governance, GRC and Process Framework
The framework for the Security Operations Center (SOC), like most organizational
capabilities, can be described in terms of its People, Processes, and Technology.
The people needed to staff the SOC are defined by an organizational structure, manning
levels, skill sets, and a professional development path to ensure the people grow as the
organization grows.
Clearly defined processes needed to sustain the organization and provide the services it
offers are essential to the successful accomplishment of the mission.
Technology is a critical enabler to the SOC mission; automated tools can be used to
correlate, reduce, and analyze the volume of data entering the SOC.
We will explain all four components in more detail, but we begin by presenting a high
level recipe for success.
The 11-Step Recipe for SOC Success is given ahead.
The diagrams below represent the SOC Governance model, GRC, Process Framework, etc.
The SOC GRC:
The SOC Process Framework:
IV. And finally, The 11-Steps Recipe for SOC Success
There are 11 recommended steps that form the foundation of a new or revitalized SOC.
This article assumes the government organization or a Private Organization, has already
decided to create an in-sourced SOC capability rather than seek it as a service from an
out-sourced provider or agency within the given government—a decision that involves
factors beyond the scope of this paper.
The first step is to identify an executable mission including whom the SOC will serve, and
where it will be located organizationally. Next the SOC should identify the services
offered. The service architecture should be evolutionary; fewer services delivered well at
the onset is better than many services offered poorly.
As the SOC and the supported organization mature, so can the services offered. Once
these foundational steps are completed, the organization can acquire and develop the
appropriate people, process, technology, and intelligence to align with the mission and
the services.
Concurrently, the SOC must establish and execute an effective communication strategy
to get buy-in at all levels within the organization.
The 11-Step Recipe for SOC Success
A. Identify an Executable Mission
B. Identify the Services Offered
C. Basic Core SOC services:
D. Intermediate Core SOC services:
E. Advanced SOC services:
F. Supporting SOC services:
G. Document the Mission and Services
H. Adding Context to Security Incidents
I. Defining Normal Through Baselining
J. Acquire the necessary People, Processes, Technologies and Intelligence
K. Execute an Effective Communications Strategy
The SOC must establish itself as a mission enabler rather than an encumbrance.
Ultimately this distinction will be determined by action; initially it will be determined by
message.
Finally, the SOC may be required to establish relationships with partner organizations
within government domestic and international security frameworks, but even if not
mandated, should establish relationships with peer organizations. Reach out to similar
organizations and understand their approach to cybersecurity. If knowledge is power,
these peer relationships will increase both exponentially.
Summary:
Whether you have decided to create a SOC as part of the government organization’s
Information Security Management System (ISMS) for ISO/IEC 27001 certification, or have just
recognized a need to centralize IT security efforts, this whitepaper provides a useful
map of your path to success. Understand the organization’s objective. Select the people,
process, and technology that fit the organization. Focus on Intelligence. Communicate
and Execute. Building a SOC may seem onerous, but the payoff—with improved visibility,
intelligence and protection for the government in these challenging times—will be well
worth it.
Some useful links:
https://blog.komand.com/how-to-structure-a-security-operations-center
https://www.mcafee.com/in/resources/white-papers/foundstone/wp-creating-maintaining-soc.pdf
Reference and Acknowledgements:
https://www.sans.org/reading-room/whitepapers/analyst/building-world-class-security-operations-center-roadmap-35907
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
https://www.sans.org/reading-room/whitepapers/analyst/benchmarking-security-information-event-management-siem-34755
http://www.sans.org/reading-room/whitepapers/analyst/ninth-log-management-survey-report-35497
https://www.sans.org/reading-room/whitepapers/incident/incident-response-fight-35342
https://www.sans.org/webcasts/cyberthreat-intelligence-how-1-definitions-tools-standards-99052
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/white-papers/security-operations-centers.pdf
An article on - Strategy for building an effective Security Operations Center [SOC]
Sincere Thanks!
to all the experts in the Government, IT, Infosec & Cyber Security Industry
This article is a basic guideline towards –
Strategy for building an effective Security Operations Center [SOC]. I whole
heartedly and sincerely thank one and all who provided me valuable
inputs, references and information to complete it for the benefit of the
Government and Corporate Infosec and Cyber Security World.
Treat this slide as dedicated and an acknowledgement to one and all whom I forgot
to mention, or whose names, companies, websites and other info I missed out here
in this presentation. I thank you and apologize if I have forgotten to mention you
here.
Manoj Purandare
DCM, MCS, CISSP, PMP, PgMP, ITIL,
Cyber Crime Analyst, PCI DSS Security
Implementer, with more than 2 decades of IT and
Infosec experience and specialization
mail: technicalmanoj@gmail.com
LinkedIn: https://www.linkedin.com/in/manojypurandare
About –
Author & Presenter
Thank you

Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare ☁
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare ☁
 
Manoj purandare Stratergy towards an effective soc
Manoj purandare   Stratergy towards an effective socManoj purandare   Stratergy towards an effective soc
Manoj purandare Stratergy towards an effective soc
Manoj Purandare ☁
 

More from Manoj Purandare ☁ (9)

Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
 
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...Manoj Purandare-  Stratergy towards an Effective Security Operations Centre -...
Manoj Purandare- Stratergy towards an Effective Security Operations Centre -...
 
Manoj purandare Stratergy towards an effective soc
Manoj purandare   Stratergy towards an effective socManoj purandare   Stratergy towards an effective soc
Manoj purandare Stratergy towards an effective soc
 

Recently uploaded

一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
evkovas
 
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
ehbuaw
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
ukyewh
 
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdfPNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
ClaudioTebaldi2
 
Counting Class for Micro Observers 2024.pptx
Counting Class for Micro Observers 2024.pptxCounting Class for Micro Observers 2024.pptx
Counting Class for Micro Observers 2024.pptx
Revenue Department Kerala State
 
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
850fcj96
 
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptxMHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
ILC- UK
 
Up the Ratios Bylaws - a Comprehensive Process of Our Organization
Up the Ratios Bylaws - a Comprehensive Process of Our OrganizationUp the Ratios Bylaws - a Comprehensive Process of Our Organization
Up the Ratios Bylaws - a Comprehensive Process of Our Organization
uptheratios
 
What is the point of small housing associations.pptx
What is the point of small housing associations.pptxWhat is the point of small housing associations.pptx
What is the point of small housing associations.pptx
Paul Smith
 
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
850fcj96
 
PACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdfPACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdf
Mohammed325561
 
ZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdfZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdf
Saeed Al Dhaheri
 
Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200
GrantManagementInsti
 
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
ehbuaw
 
PPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930FPPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930F
ahcitycouncil
 
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
ehbuaw
 
PPT Item # 6 - 7001 Broadway ARB Case # 933F
PPT Item # 6 - 7001 Broadway ARB Case # 933FPPT Item # 6 - 7001 Broadway ARB Case # 933F
PPT Item # 6 - 7001 Broadway ARB Case # 933F
ahcitycouncil
 
PPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
PPT Item # 9 - 2024 Street Maintenance Program(SMP) AmendmentPPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
PPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
ahcitycouncil
 
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
Congressional Budget Office
 
The Role of a Process Server in real estate
The Role of a Process Server in real estateThe Role of a Process Server in real estate
The Role of a Process Server in real estate
oklahomajudicialproc1
 

Recently uploaded (20)

一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
 
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
 
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdfPNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
PNRR MADRID GREENTECH FOR BROWN NETWORKS NETWORKS MUR_MUSA_TEBALDI.pdf
 
Counting Class for Micro Observers 2024.pptx
Counting Class for Micro Observers 2024.pptxCounting Class for Micro Observers 2024.pptx
Counting Class for Micro Observers 2024.pptx
 
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
 
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptxMHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
 
Up the Ratios Bylaws - a Comprehensive Process of Our Organization
Up the Ratios Bylaws - a Comprehensive Process of Our OrganizationUp the Ratios Bylaws - a Comprehensive Process of Our Organization
Up the Ratios Bylaws - a Comprehensive Process of Our Organization
 
What is the point of small housing associations.pptx
What is the point of small housing associations.pptxWhat is the point of small housing associations.pptx
What is the point of small housing associations.pptx
 
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
快速制作(ocad毕业证书)加拿大安大略艺术设计学院毕业证本科学历雅思成绩单原版一模一样
 
PACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdfPACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdf
 
ZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdfZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdf
 
Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200
 
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
一比一原版(ANU毕业证)澳大利亚国立大学毕业证成绩单
 
PPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930FPPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930F
 
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
 
PPT Item # 6 - 7001 Broadway ARB Case # 933F
PPT Item # 6 - 7001 Broadway ARB Case # 933FPPT Item # 6 - 7001 Broadway ARB Case # 933F
PPT Item # 6 - 7001 Broadway ARB Case # 933F
 
PPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
PPT Item # 9 - 2024 Street Maintenance Program(SMP) AmendmentPPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
PPT Item # 9 - 2024 Street Maintenance Program(SMP) Amendment
 
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
Effects of Extreme Temperatures From Climate Change on the Medicare Populatio...
 
The Role of a Process Server in real estate
The Role of a Process Server in real estateThe Role of a Process Server in real estate
The Role of a Process Server in real estate
 

Manoj Purandare - Strategy towards an Effective Security Operations Centre - SOC

1. The Right People

In addition to SOC analysts, a security operations center requires a ringmaster for its many moving parts. The SOC manager often fights fires, within and outside of the SOC, and is responsible for prioritizing work and organizing resources with the ultimate goal of detecting, investigating and mitigating incidents that could impact the business. A typical SOC organization is illustrated in Figure 2.

The SOC Org Chart: The SOC manager should develop a workflow model and implement standardized operating procedures (SOPs) for the incident-handling process that guide analysts through triage and response procedures.
2. The Required Processes

The Collective SOC Team. Since not all skills and attributes will be found in each individual, capabilities should be balanced across the SOC. Each shift should have a blend of skills and temperaments, including “people” people: analysts who can communicate effectively with the IT service provider or the organizational workforce.

Escalation and Complexity. Every service will require graduated skill levels, and some services require a more experienced “junior” level analyst than others. Staff shifts with a mix of experience levels and seniority.

Advancement and Rotation.
• Establish growth paths for every position within the SOC.
• Plan for training and professional development.
• Growth and training opportunities will help retain a professional workforce.

Trust Level.
• SOC analysts will have regular access to highly sensitive organizational information. Implement thorough regulations that require special background checks for people with elevated access to IT systems.
3. The ever updating and precise Technology

4. The Platform: With known and unknown advanced threat detection and prevention, URL filtering, and mobile security, the platform correlates all of these security functions and protects the datacenter and the network perimeter. The platform enables the government agency to take a whitelisting approach to its applications, with the ability to segment government agencies. Alerts are drastically reduced, significantly lowering the workload for the SOC analyst.
You may also need to consider the other controls, namely the SOC Layered Security Controls and the Physical Security Controls:

Beyond this, we need to be prepared with our SOC Service Catalogue, which gives a clear picture of the SOC business operation and the facilities available to a customer:

Initially, we have to define the various SOC key tools, their integration, and how they work:
5. The Proactive and Real Time – Threat Intelligence

Mature SOCs continually develop the capability to consume and leverage threat intelligence from their past incidents and from information-sharing sources. According to the 2015 SANS Cyberthreat Intelligence (CTI) Survey, 69% of respondents reported that their organization implemented some cyberthreat intelligence capability, with 27% indicating that their teams fully embrace the concept of CTI and integrated response procedures across systems and staff.

Obstacles to Efficient SOC Incident Handling. To achieve efficient incident handling, the SOC must avoid bottlenecks in the IR process that moves incidents through Tier 1, into Tier 2, and finally through Tier 3. Bottlenecks can occur due to too much “white noise”: alerts of little consequence or false positives that lead to analyst “alert fatigue.” An understanding of the government’s enterprise network topology, including all connections (Internet, mission partners, cloud providers, vendor-specific, etc.), is needed to understand attack vectors. No intelligence exists without visibility: visibility across the whole network, including endpoints, for all applications, all content, and all users.
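The SOP-driven triage the SOC manager is asked to define (slide 9) and the “white noise” bottleneck described above (slide 21) can be illustrated with a small noise-suppression and tier-routing stage. This is an added example, not code from the article; the alerts, the known-benign list, the 300-second repeat window and the severity-to-tier mapping are all constructed for illustration.

```python
"""Added example (not from the article): suppress known-benign and repeated
alerts before Tier 1 sees them, then route survivors to the tier that triages
them first. All rules, thresholds and sample alerts are constructed."""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Alert:
    ts: int          # epoch seconds (constructed values)
    source: str      # sensor that raised the alert, e.g. "ids", "edr"
    rule: str        # detection rule name
    host: str        # host the alert concerns
    severity: int    # 1 (informational) .. 5 (critical), as scored by the sensor


# Constructed suppression list: patterns an earlier shift confirmed as benign
# (here the internal vulnerability scanner tripping the IDS port-scan rule).
KNOWN_BENIGN = {
    ("ids", "PORTSCAN", "scanner-01"),
}

# Constructed mapping: which tier performs first triage for a given severity.
TIER_BY_SEVERITY = {1: 1, 2: 1, 3: 2, 4: 2, 5: 3}


def suppress_noise(alerts, window=300):
    """Drop allowlisted alerts and collapse repeats of the same
    (source, rule, host) that fall within `window` seconds of the first
    kept occurrence. Returns (kept_alerts, repeat_counts)."""
    kept, counts, first_kept = [], Counter(), {}
    for a in sorted(alerts, key=lambda x: x.ts):
        key = (a.source, a.rule, a.host)
        if key in KNOWN_BENIGN:
            continue                      # confirmed benign: never queued
        counts[key] += 1                  # still counted, for the report
        if key in first_kept and a.ts - first_kept[key] < window:
            continue                      # repeat: one queued alert represents it
        first_kept[key] = a.ts
        kept.append(a)
    return kept, counts


def route(alerts):
    """Assign each surviving alert to the tier that triages it first."""
    queues = defaultdict(list)
    for a in alerts:
        queues[TIER_BY_SEVERITY[a.severity]].append(a)
    return dict(queues)


def triage_report(raw):
    """Run suppression and routing; return the figures a shift lead would review."""
    kept, counts = suppress_noise(raw)
    queues = route(kept)
    return {
        "raw": len(raw),
        "after_suppression": len(kept),
        "noise_ratio": round(1 - len(kept) / len(raw), 2),
        "tier_sizes": {t: len(q) for t, q in queues.items()},
        "repeat_counts": dict(counts),
    }


# Constructed sample: 100 scanner hits, 10 repeats of one EDR alert on a single
# host inside five minutes, and three distinct alerts of differing severity.
SAMPLE = (
    [Alert(1000 + i, "ids", "PORTSCAN", "scanner-01", 2) for i in range(100)]
    + [Alert(2000 + 10 * i, "edr", "SUSPICIOUS_POWERSHELL", "ws-17", 4) for i in range(10)]
    + [
        Alert(3000, "ids", "PORTSCAN", "ws-22", 2),
        Alert(3100, "edr", "CREDENTIAL_DUMP", "dc-01", 5),
        Alert(3200, "proxy", "URL_CATEGORY_MALWARE", "ws-03", 3),
    ]
)

if __name__ == "__main__":
    for k, v in triage_report(SAMPLE).items():
        print(f"{k}: {v}")
```

Of the 113 constructed alerts only four reach an analyst queue; the repeat count preserved on the EDR alert is what the Tier 1 analyst still needs to see when deciding whether to escalate.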
Employing a platform similar to the Palo Alto Networks platform, including network and endpoint visibility and threat prevention, can significantly increase that visibility and subsequently accelerate the SOC’s intelligence capability. The Palo Alto Networks platform detects ever-changing threats, but more importantly provides the ability to prevent them as soon as possible, ideally before they have detonated on the network. All insights feed onboard signature creation to detect and prevent future attacks. We can accomplish this in a flexible and extensible platform that enables uniform protection across traditional infrastructure at the network edge, the cloud and mobile devices. So define your road map clearly.
III. The SOC Governance, GRC and Process Framework

The framework for the Security Operations Center (SOC), like most organizational capabilities, can be described in terms of its People, Processes, and Technology. The people needed to staff the SOC are defined by an organizational structure, manning levels, skill sets, and a professional development path to ensure the people grow as the organization grows. Clearly defined processes needed to sustain the organization and provide the services it offers are essential to the successful accomplishment of the mission. Technology is a critical enabler to the SOC mission; automated tools can be used to correlate, reduce, and analyze the volume of data entering the SOC. We will explain all four components in more detail, but we begin by presenting a high-level recipe for success: see the 11-Steps Recipe for SOC Success ahead.

The diagrams below represent the SOC Governance model, GRC, Process Framework, etc.

The SOC GRC:

The SOC Process Framework:
IV. And finally, The 11-Steps Recipe for SOC Success

There are 11 recommended steps that form the foundation of a new or revitalized SOC. This article assumes the government organization or private organization has already decided to create an in-sourced SOC capability rather than seek it as a service from an out-sourced provider or agency within the given government, a decision that involves factors beyond the scope of this paper. The first step is to identify an executable mission, including whom the SOC will serve and where it will be located organizationally. Next, the SOC should identify the services offered. The service architecture should be evolutionary: fewer services delivered well at the onset is better than many services offered poorly. As the SOC and the supported organization mature, so can the services offered. Once these foundational steps are completed, the organization can acquire and develop the appropriate people, process, technology, and intelligence to align with the mission and the services. Concurrently, the SOC must establish and execute an effective communication strategy to get buy-in at all levels within the organization.

The 11-Steps Recipe for SOC Success:
A. Identify an Executable Mission
B. Identify the Services Offered
C. Basic Core SOC services
D. Intermediate Core SOC services
E. Advanced SOC services
F. Supporting SOC services
G. Document the Mission and Services
H. Adding Context to Security Incidents
I. Defining Normal Through Baselining
J. Acquire the necessary People, Processes, Technologies and Intelligence
K. Execute an Effective Communications Strategy

The SOC must establish itself as a mission enabler rather than an encumbrance. Ultimately this distinction will be determined by action; initially it will be determined by message. Finally, the SOC may be required to establish relationships with partner organizations within government domestic and international security frameworks, but even if not mandated, it should establish relationships with peer organizations. Reach out to similar organizations and understand their approach to cybersecurity. If knowledge is power, these peer relationships will increase both exponentially.

Summary: Whether you have decided to create a SOC as part of the government organization’s Information Security Management System (ISMS) for ISO/IEC 27001 certification, or have simply recognized a need to centralize IT security efforts, this whitepaper provides a useful map of your path to success. Understand the organization’s objective. Select the people, process, and technology that fit the organization. Focus on intelligence. Communicate and execute. Building a SOC may seem onerous, but the payoff, with improved visibility, intelligence and protection for the government in these challenging times, will be well worth it.
Some useful links:
https://blog.komand.com/how-to-structure-a-security-operations-center
https://www.mcafee.com/in/resources/white-papers/foundstone/wp-creating-maintaining-soc.pdf

Reference and Acknowledgements:
https://www.sans.org/reading-room/whitepapers/analyst/building-world-class-security-operations-center-roadmap-35907
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
https://www.sans.org/reading-room/whitepapers/analyst/benchmarking-security-information-event-management-siem-34755
http://www.sans.org/reading-room/whitepapers/analyst/ninth-log-management-survey-report-35497
https://www.sans.org/reading-room/whitepapers/incident/incident-response-fight-35342
https://www.sans.org/webcasts/cyberthreat-intelligence-how-1-definitions-tools-standards-99052
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/white-papers/security-operations-centers.pdf

An article on Strategy for building an effective Security Operations Center [SOC]

Sincere thanks to all the experts in the Government, IT, Infosec and Cyber Security industry. This article is a basic guideline towards a strategy for building an effective Security Operations Center [SOC]. I wholeheartedly and sincerely thank one and all who provided me valuable inputs, references and information to complete it for the benefit of the Government and Corporate Infosec and Cyber Security world. Treat this slide as dedicated to, and an acknowledgement of, one and all whom I forgot to mention or whose names, companies, websites and other info I missed out in this presentation. I thank you and apologize if I have forgotten to mention you here.

About the Author and Presenter
Manoj Purandare, DCM, MCS, CISSP, PMP, PgMP, ITIL, Cyber Crime Analyst, PCI DSS Security Implementer, with more than two decades of IT and Infosec experience and specialization.
Mail: technicalmanoj@gmail.com
LinkedIn: https://www.linkedin.com/in/manojypurandare
Thank you