16 InfoSec Courses, 2 Weeks of Training at SANS Virginia Beach 2018. Save $200 thru 7/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Use Case Development for Security Operations

  • Thursday, Jan 18, 2018 - 2:00 pm Canberra / 12:00 pm Tokyo / 11:00 am Singapore
  • Christopher Crowley
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

This talk will discuss the task most critical to improving SOC capability: development of appropriate scenarios of inspection. This is typically referred to as a use case. To be successful It must blend: technical knowledge of deployed systems, knowledge of threat capability and common behavior, understanding of the organizations information assets, and data collection.

As a background for this use case discussion, the functional areas required for a SOC will be identified. Since people are necessary to be effective at analysis which produces use cases, a discussion of analysis and developing strategies for ongoing development will also be presented.

Speaker Bio

Christopher Crowley

Mr. Crowley has 15 years of industry experience managing and securing networks. He currently works as an independent consultant in the Washington, DC area focusing on effective computer network defense. His work experience includes penetration testing, security operations, incident response, and forensic analysis.

Mr. Crowley is the course author for for SANS Management 517 - Managing Security Operations and SANS Management 535 - Incident Response Team Management. He holds the GSEC, GCIA, GCIH (gold), GCFA, GPEN, GMOB, GASF, GREM, GXPN and CISSP certifications. His teaching experience includes FOR585, MGT517, MGT535, SEC401, SEC503, SEC504, SEC560, SEC575, and SEC580; Apache web server administration and configuration; and shell programming.

He was awarded the SANS 2009 Local Mentor of the year award. "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities."

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.