A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Exercise Your SOC: How to run an effective SOC response simulation - Brian Andrzejewski (BSidesCharm 2018) (Hacking Illustrated Series InfoSec Tutorial Videos)

Exercise Your SOC: How to run an effective SOC response simulation

Brian Andrzejewski
@DevSecOpsGeer

BSidesCharm 2018
http://www.bsidescharm.com

Security Operation Centers (SOCs) are the front line for incident detection, response, and escalation for organizations. Few security teams evaluate their SOC's tools, techniques and procedures (TTPs) are working the way they are suppose to for expected SOC response. This talk will cover how Blue and Red teams can build and execute live fire security incidents to target your SOC's TTP abilities to detect, respond, and escalate. Techniques will be discussed in how to develop basic SOC exercise scenarios, determine expected outcomes, measure actual results, and report lessons learned to improve your SOC's ability for TTP execution.

Brian is the lead Information Security Engineer in the CyberDefense Branch at the United States Customs and Immigration Services (USCIS). He leads, engineers, and architects several of USCIS’s security efforts and represents USCIS as a hands-on SME in several working groups within DHS and Federal government on DevSecOps, Application Security, Cloud Migration & Security, Container Security, and CyberDefense operations best practices. Prior to USCIS, Brian brings his prior 17+ years of professional experiences in information security, risk management, IT Operations, system development & administration, & DFIR from the Department of Defense, healthcare, commercial, and academic sectors. He was a prior DoD SME representative in U.S. cybersecurity workforce development programs and operationalized machine-speed cyber threat information sharing between the five U.S. National Cyber Centers. He remains passionate about cybersecurity workforce development and information security education with non-profits and security researchers.

Back to BSidesCharm 2018 list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast