Build your first SOC

This presentation covers how to build your organization’s first Security Operations Center (SOC). It starts with an exploration of the need for a SOC within a cybersecurity operation. Most people in the audience likely already have a hunch that they need a SOC but have a hard time selling the investment to management. This talk will help the audience identify selling points and prepare them for the task of convincing management to invest in a SOC. From there the talk goes into what is needed from a People/Process perspective to actually build a SOC. It covers outsourcing vs. in-house as well as how to diligently manage SOC procedures and use cases. Proper escalation processes are also discussed. This section closes with some ideas on how to get a Continuous Improvement Cycle going. The talk then covers the Technology perspective by looking at the minimum tech requirements for running a SOC. This section covers a plethora of Detection and Response technologies (SIEM, UEBA, EDR, Auth Logs, TIP, SOAR, etc.) and their roles in a SOC environment. Last but not least, the speaker will dive into the question of whether your first SOC needs to come with 24x7 coverage and how you can determine the actual need.
