OnDemand Includes 4 Months Access to Course Content - Special Offers Available Now!


To attend this webcast, login to your SANS Account or create your Account.

No Single Definition of a SOC: Part I of the SANS 2018 SOC Survey Results Webcast

  • Tuesday, August 14, 2018 at 1:00 PM EDT (2018-08-14 17:00:00 UTC)
  • Chris Brazdziunas, Christopher Crowley, Barbara G. Kay, John Pescatore, Richard Steinhart


  • Authentic8
  • Awake Security
  • CYBERBIT Commercial Solutions
  • DFLabs
  • ExtraHop
  • LogRhythm

You can now attend the webcast using your mobile device!



While SOCs are maturing, staffing and retention issues continue to plague critical SOC support functions. In this webcast, learn how respondents to our 2018 SOC survey are staffing their SOCs, the value of cloud-based services to augment staff and technology, and respondents' level of satisfaction with the architectures they've deployed.

In this webcast, SANS Principal Instructor Chris Crowley will discuss the following:

  • The level of staffing in SOCs
  • Outsourcing part (or all) of the SOC architecture
  • Tools and technologies SOCs use to operate efficiently
  • The value of distributed vs. centralized SOC functions
  • Relationship between SOCs and NOCs
  • Improvements resulting from integrative SOC functions for detection, prevention and response

Register for Part II of this webcast, "Capabilities and Usefulness," here.

Attend this webcast and be among the first to receive the associated survey developed by Chris Crowley and SANS Director John Pescatore.

Speaker Bios

Chris Brazdziunas

Chris Brazdziunas has served in multiple roles at LogRhythm since joining in December of 2011, including vice president of engineering and currently as vice president of products, responsible for product management and product marketing. She has more than 20 years of experience leading product and R&D organizations and developing and delivering large-scale, enterprise software solutions. Chris holds an MS degree in Information Networking from Carnegie Mellon University and a BS degree in Computer Engineering from the University of Illinois, Urbana campus.

Christopher Crowley

Christopher Crowley, a senior SANS instructor and course author for SANS courses in Managing Security Operations and MGT535 Incident Response Team Management, holds multiple certifications. He received the SANS 2009 Local Mentor of the Year award for excellence in providing mentor classes to his local community. Chris is a consultant based in Washington, D.C., who has more than 15 years of experience in managing and securing networks. His areas of expertise include network and mobile penetration testing, mobile device deployments, security operations, incident response and forensic analysis.

Barbara G. Kay

Barbara G. Kay focuses on the needs and opportunities for reinventing security operations and the Reveal(x) product line. Prior to ExtraHop, she led security operations market research and product marketing for McAfee and was responsible for their threat intelligence and analytics solutions, as well as the security information and event management (SIEM) platform. Before McAfee, her consultancy helped innovators including Cisco, Websense, Good Technologies and Netgear. She also served as director of security and privacy marketing for Sun Microsystems and led marketing for several startups. She holds a BA from Dartmouth College.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Richard Steinhart

Richard Steinhart leads the enterprise business at Authentic8, which has pioneered remote browser isolation since 2010. Its flagship product Silo, the secure and non-attributable cloud browser, deploys remotely in a cloud container that isolates all web content. Richard's 20-plus-year career in the technology industry has spanned some of the most innovative vendors in data management, incident management and cyber security. He holds a BS in Applied Mathematics and MA in Mathematics from the University of California, Los Angeles.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.