SOC
Featuring 2 Papers as of July 25, 2019
-
Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey Analyst Paper (requires membership in SANS.org community)
by Chris Crowley and John Pescatore - July 9, 2019- Associated Webcasts: Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey Common and Best Practices for Security Operations Centers: Panel Discussion
- Sponsored By: Anomali ThreatConnect CYBERBIT Commercial Solutions Siemplify DFLabs ExtraHop BTB Security cyberproof
In this survey, senior SANS instructor and course author Christopher Crowley, along with advisor and SANS director of emerging technologies John Pescatore, provide objective data to security leaders who are looking to establish a SOC or optimize an existing one. This report captures common and best practices, provides defendable metrics that can be used to justify SOC resources to management, and highlights the key areas that SOC managers should prioritize to increase the effectiveness and efficiency of security operations.
-
The Definition of SOC-cess? SANS 2018 Security Operations Center Survey Analyst Paper (requires membership in SANS.org community)
by Christopher Crowley and John Pescatore - August 13, 2018- Associated Webcasts: No Single Definition of a SOC: Part I of the SANS 2018 SOC Survey Results Webcast SOC Capabilities and Usefulness: Part II of the SANS SOC Survey Results Webcast SOC Capabilities and Usefulness: Part II of the SANS SOC Survey Results Webcast No Single Definition of a SOC: Part I of the SANS 2018 SOC Survey Results Webcast
- Sponsored By: LogRhythm CYBERBIT Commercial Solutions Authentic8 DFLabs Awake Security ExtraHop
Although SOCs are maturing, staffing and retention issues continue to vex critical SOC support functions. In this paper, learn how respondents to our 2018 SOC survey are staffing their SOCs, the value of cloud-based services to augment staff and technology, and respondents' level of satisfaction with the architectures they've deployed.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.
STI Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.
