Security Operations Center : Building, Operating, and Maintaining your SOC eBook

This is the first complete guide to building, operating, managing, and operating Security Operations Centers in any business or organizational environment. Two leading IT security experts review the characteristics, strengths, and weaknesses of each SOC model (including virtual SOCs).

Responsive image
AUTHOR
Joseph Muniz
FILESIZE
5,38 MB
PUBLISH DATE
08 Nov 2015
LANGUAGE
English
ISBN
9780134052014

Security Operations Center : Building, Operating, and Maintaining your SOC is a great book. This book is written by author Joseph Muniz. You can read the Security Operations Center : Building, Operating, and Maintaining your SOC book on our website merchantnavymemorialtrust.org.uk in any convenient format!


Security Operations CenterBuilding, Operating, and Maintaining Your SOCThe complete, practical guide to planning, building, and operating an effective Security Operations Center (SOC) Security Operations Center is the complete guide to building, operating, and managing Security Operations Centers in any environment. Drawing on experience with hundreds of customers ranging from Fortune 500 enterprises to large military organizations, three leading experts thoroughly review each SOC model, including virtual SOCs. You'll learn how to select the right strategic option for your organization, and then plan and execute the strategy you've chosen.Security Operations Center walks you through every phase required to establish and run an effective SOC, including all significant people, process, and technology capabilities. The authors assess SOC technologies, strategy, infrastructure, governance, planning, implementation, and more. They take a holistic approach considering various commercial and open-source tools found in modern SOCs.This best-practice guide is written for anybody interested in learning how to develop, manage, or improve a SOC. A background in network security, management, and operations will be helpful but is not required. It is also an indispensable resource for anyone preparing for the Cisco SCYBER exam.*Review high-level issues, such as vulnerability and risk management, threat intelligence, digital investigation, and data collection/analysis*Understand the technical components of a modern SOC*Assess the current state of your SOC and identify areas of improvement*Plan SOC strategy, mission, functions, and services*Design and build out SOC infrastructure, from facilities and networks to systems, storage, and physical security*Collect and successfully analyze security data*Establish an effective vulnerability management practice*Organize incident response teams and measure their performance*Define an optimal governance and staffing model*Develop a practical SOC handbook that people can actually use*Prepare SOC to go live, with comprehensive transition plans*React quickly and collaboratively to security incidents*Implement best practice security operations, including continuous enhancement and improvement


However, building a security operations center (SOC) environment with the correct balance between preventive, detective and reactive controls, along with threat intelligence abilities, can prove challenging.