Security Operations Center (SOC)
When you request a .jpg and get ransomware
6 min read
For the 3rd year, RSAConference 2019 APJ created an educational exhibit, sponsored by RSA, Cisco and M.Tech, to monitor the RSA Conference public Wi-Fi network provided by the Marina Bay...
5 Cybersecurity Trends to Watch
5 min read
Between now and RSA Conference 2020, here are five trends that I expect to see rise to the top.
Happy Birthday, Threat Response: Only a year old, but boy have you seen some things!
5 min read
Released only a year ago, Threat Response is used in 3,600+ SOCs, and has added value in organizations without full SOCs. More impressive: the rate of innovation within the application.
So You Want To Build A SOC: Security Intelligence and Technical Considerations (Part 2)
3 min read
As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire: "We need a...
So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)
3 min read
As security consultants, we go into an extraordinary array of organisations with very differing levels of maturity and one thing keeps on coming up: "we need a SOC". Whilst this...
Sign up for the Security Operations Center Tour at RSA Conference 2018
1 min read
The Security Operations Center (SOC) returns for RSA Conference 2018. You can register now for your free tour of the RSA Conference SOC, where engineers are monitoring all traffic on the Moscone Wireless Network for security threats.
Black Hat USA 2017: Cisco Umbrella Joins the NOC
4 min read
Cisco Cloud Based Security in the SOC Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference; into a well-managed team of experts from around the globe, from various vendors […]
The Significance of Log Sources to Building Effective Intelligence-Driven Incident Response
2 min read
Many organizations today fail in adequately acquiring the necessary visibility across their network to perform efficient and effective Incident Response tasks, one of which is Intelligence-Driven Incident Response; defined as...
Black Hat Asia 2017: SOC in the NOC
4 min read
Detecting PowerShell Exploits Black Hat returned to Asia again in 2017, with two days of technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at the Briefings. The backbone of the conference was the WiFi network, built on site by staff from Ruckus. I was honored to be invited to […]
1