NetWitness and Cisco released the fourth annual Findings Report from the RSA ConferenceTM 2023 Security Operations Center (SOC).
The RSA Conference™ SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference.
The role of the SOC at RSA Conference is an educational exhibit sponsored by NetWitness and Cisco. It has elements of a SOC like you would create to protect an organization. The RSAC SOC coordinated with the Moscone Center Network Operation Center for a SPAN (Switched Port Analyzer is a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch to be sent to a destination) of the network traffic from the Moscone Center wireless network.
In the SOC, NetWitness had real time visibility of the traffic traversing the wireless network. Cisco provided automated malware analysis, Talos threat intelligence, DNS visibility and Intrusion Detection; brought together with Cisco XDR. Our thanks to community and corporate partners threat intelligence partners, including alphaMountain.ai, IBM X-Force Exchange, Pulsedive and Recorded Future.
Check out this video inside the SOC
The goal of the RSAC SOC is to use technology to educate conference attendees about what happens on a typical wireless network. The education comes in the form of daily SOC tours and an RSA ConferenceTM session. You can watch the replay of the ‘EXPOSURE: The 4th Annual RSAC SOC Report’ session.
The findings report addresses several security topics, as Cybersecurity Awareness Month is a good time to review your best practices, including:
- Technology Used in The RSAC SOC
- The Data and examples of Insecurity
- Integration And Threat Hunting
- Malware Analysis
- Domain Name Server (DNS)
- Intrusion Detection with the Firewall
Download the RSA ConferenceTM 2023 Security Operations Center Findings Report. You can also view the 2022 report.
Look forward to seeing you in May 2024!
Acknowledgements: Our appreciation to those who made the RSAC SOC possible.
Jessica Bair Oppenheimer Cisco SOC Manager
Ian Redden Team Lead & Integrations
Aditya Sankar / Ben Greenbaum Cisco XDR, Secure Cloud Analytics & Malware Analytics
Alejo Calaoagan / Christian Clasen Cisco Umbrella
Dinkar Sharma / Adam Kilgore Cisco Secure Firewall
Brian McMahon Threat Wall
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels