Security Operations Center: Building, Operating and Maintaining your SOC
Book description
This is the Rough Cut version of the printed book.
This is the first complete guide to building, operating, managing, and maintaining Security Operations Centers in any business or organizational environment. Three leading IT security experts review the characteristics, strengths, and weaknesses of each SOC model (including virtual SOCs), helping you select the right strategic option for your organization. Next, they walk you through every phase required to establish and operate an effective SOC, including all significant people, process, and technology issues. You'll also find complete configuration examples covering the open source, Cisco, and non-Cisco components most likely to be found in modern, fully operational SOCs. Coverage includes:
- An up-to-date review of modern security operations and challenges, from information assurance and risk management to incident response
- How SOCs emerged and have evolved: what SOCs can do that other security approaches can't
- A new SOC maturity model: evaluating where you stand and where you need to go
- Planning your SOC: strategy, mission, functions, services, and more
- Designing infrastructure, facilities, networks, and physical security
- Comparing dedicated and virtualized SOC environments
- Collecting and analyzing security data
- Integrating vulnerability and risk management
- Organizing effective incident response teams, and measuring their performance
- Building out your SOC infrastructure: network, security, systems, storage, and collaboration
- Developing a SOC handbook your people can use (including a practical example)
- Best practice operations: maintenance, reviews, metrics, and continuous enhancement
Table of contents
- About This E-Book
- Title Page
- Copyright Page
- About the Authors
- About the Technical Reviewers
- Dedications
- Acknowledgments
- Contents at a Glance
- Contents
- Command Syntax Conventions
- Introduction
- Part I: SOC Basics
  - Chapter 1. Introduction to Security Operations and the SOC
    - Cybersecurity Challenges
    - Introduction to Information Assurance
    - Introduction to Risk Management
    - Information Security Incident Response
    - SOC Generations
    - Characteristics of an Effective SOC
    - Introduction to Maturity Models
    - Applying Maturity Models to SOC
    - Phases of Building a SOC
    - Challenges and Obstacles
    - Summary
    - References
  - Chapter 2. Overview of SOC Technologies
- Part II: The Plan Phase
- Part III: The Design Phase
  - Chapter 5. The SOC Infrastructure
  - Chapter 6. Security Event Generation and Collection
  - Chapter 7. Vulnerability Management
  - Chapter 8. People and Processes
- Part IV: The Build Phase
  - Chapter 9. The Technology
  - Chapter 10. Preparing to Operate
- Part V: The Operate Phase
- Index
- Code Snippets
Product information
- Title: Security Operations Center: Building, Operating and Maintaining your SOC
- Author(s): Joey Muniz, Gary McIntyre, Nadhem AlFardan
- Release date: November 2015
- Publisher(s): Cisco Press
- ISBN: 9780134052083