Cisco Blogs

Security Operations Center (SOC)

March 29, 2018

SECURITY

Sign up for the Security Operations Center Tour at RSA Conference 2018

1 min read

The Security Operations Center (SOC) returns for RSA Conference 2018. You can register now for your free tour of the RSA Conference SOC, where engineers are monitoring all traffic on the Moscone Wireless Network for security threats.

July 27, 2017

SECURITY

Black Hat USA 2017: Cisco Umbrella Joins the NOC

4 min read

Cisco Cloud Based Security in the SOC. Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference into a well-managed team of experts from around the globe, from various vendors […]

May 31, 2017

SECURITY

The Significance of Log Sources to Building Effective Intelligence-Driven Incident Response

2 min read

Many organizations today fail in adequately acquiring the necessary visibility across their network to perform efficient and effective Incident Response tasks, one of which is Intelligence-Driven Incident Response; defined as...

April 4, 2017

SECURITY

Black Hat Asia 2017: SOC in the NOC

4 min read

Detecting PowerShell Exploits. Black Hat returned to Asia again in 2017, with two days of technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at the Briefings. The backbone of the conference was the WiFi network, built on site by staff from Ruckus. I was honored to be invited to […]

February 20, 2017

SECURITY

A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats

4 min read

At Cisco, we are often asked to take a vendor agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models in today’s demanding security needs. However, before explaining the various models that exist for today’s need of monitoring […]

February 17, 2017

SECURITY

RSA Conference 2017 Security Operations Center Wrap-Up

2 min read

Effective Security requires three essential pillars: Simple to use, Open architecture and Automated workflows. The collaboration with RSA NetWitness Packets and Cisco AMP Threat Grid, in the RSA Conference 2017...

February 6, 2017

SECURITY

Tour the RSA Conference SOC

2 min read

Next week, some 30,000 security professionals will descend upon the Moscone Center in San Francisco for the 2017 RSA Conference. Cisco’s AMP Threat Grid, the first unified Malware Analysis and...

November 7, 2016

SECURITY

Is Your Race to SOC Headed for an Epic Crash?

4 min read

Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response. It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also include doing so at full speed, from the […]

July 25, 2016

SECURITY

Cognitive Bias in Incident Response

5 min read

This blog is co-authored by Jeff Bollinger & Gavin Reid. Are You Too Confident in Your Incident Response? When Charles Darwin stated “Ignorance more frequently begets confidence than does knowledge,” civilization’s evolution from Industrial Age to Information Age was nearly a century away. Yet, when it comes to many aspects of IT, he nailed […]