New to the SOC? As the first order of business, building a thorough understanding of your data collection pipeline, formats, and analysis tools is one of the key actions to orienting yourself to the wealth of data at your fingers, but where to start? Modern Security Operations Centers are a cornucopia of logs and network data strewn across multiple tools, all of which analysts must understand and use on a daily basis. Seeing the big picture on how it all fits together, however, can be confusing as a newcomer.
In this webcast, John will break down both host and network data types and formats, the most common tools used in the SOC, and draw the big picture on how everything fits together to form your complete security monitoring operation. If you've ever wondered how logs get from endpoints to your SIEM, from network taps to logs, or how all your devices work together to produce a robust, integrated monitoring system, this webcast is for you!