Reading Room

Incident Handling

Featuring 150 Papers as of May 4, 2020

  • NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security by Nelson Hernandez - February 14, 2018 

    Managing, monitoring and defending enterprise networks with siloed Network Operation Centers (NOC) and Security Operation Centers (SOC) is a challenge. Each team is running 24/7 incident response and event monitoring/correlation, generating/escalating trouble tickets and up-channeling communications, which provides an opportunity to integrate NOC and SOC functions. Both teams can be integrated at the first tier through cross-training, rewriting Standard Operating Procedures (SOPs) with coordination points, standardizing shared and coordinated communications, and sharing and integrating dashboards and other data tools as cybersecurity continues to evolve. Adoption of integration as an industry best practice can capitalize on federated data, improve communication, increase visibility and situational awareness, optimize resource sharing and increase efficiencies.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

SANS.edu Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.