Threat Hunting: How to Gain the Most Value
As security practitioners who continuously look for adversarial malice, one of the questions we are asked frequently is: What’s around the corner?
So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)
As security consultants, we go into an extraordinary array of organisations with very differing levels of maturity and one thing keeps on coming up: "we need a SOC". Whilst this...
Black Hat USA 2017: Cisco Umbrella Joins the NOC
Cisco Cloud Based Security in the SOC Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference; into a well-managed team of experts from around the globe, from various vendors […]
A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats
At Cisco, we are often asked to take a vendor agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models in today’s demanding security needs. However, before explaining the various models that exist for today’s need of monitoring […]
Is Your Race to SOC Headed for an Epic Crash?
Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also include doing so at full speed, from the […]
Active Threat Analytics: Easing the Burden of Threat Management
In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he would begin again. […]