security-operation-center
Not a SOC FAQ! This is SOC FMD!
Somebody asked me this profound question that (a) I feel needs an answer and that (b) I’ve never answered in the past:If you run a SOC (or an equivalent D&R team), what things ...
Learn Modern SOC and D&R Practices Using Autonomic Security Operations (ASO) Principles
Learn Modern SOC and D&R practices for free from Google! Yes, really! That’s the message. Join *hundreds* of others who already signed up!Now, with full details….After some ungodly amount of work, the original ...
The Impending SIEM Wars: What Market Consolidation Means for Customers
The cybersecurity landscape is rapidly evolving, and nowhere is this more evident than in the Security Information and Event Management (SIEM) market. This period of transformation, marked by strategic mergers and high-stakes ...
Baby ASO: A Minimal Viable Transformation for Your SOC
Vaguely relevant but very cyber image from Dall-EOne pattern I spotted after looking at the evolution of IT and security organizations over the years, including my time at Gartner is: change is hard, ...
How to Banish Heroes from Your SOC?
This blog was born from two parents: my never-finished blog on why relying on heroism in a Security Operations Center (SOC) is bad and Phil Venables “superb+” blog titles “Delivering Security at ...
More SRE Lessons for SOC: Simplicity Helps Security
As we discussed in our blogs, “Achieving Autonomic Security Operations: Reducing toil”, “Achieving Autonomic Security Operations: Automation as a Force Multiplier,” “Achieving Autonomic Security Operations: Why metrics matter (but not how you ...
SOC Technology Failures — Do They Matter?
SOC Technology Failures — Do They Matter?img src: https://flic.kr/p/dwWHw5Most failed Security Operations Centers (SOCs) that I’ve seen have not failed due to a technology failure. Lack of executive commitment, process breakdowns, ineffective workforces (often a ...
Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…
Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…This is about the Security Operations Center (SOC). And automation. And of course SOC automation.Let’s start from a dead-obvious point: you cannot ...
New Paper: “Future of the SOC: Forces shaping modern security operations”
For some reason, I just cannot leave the topic of Security Operation Center (SOC) alone. In fact, I now am participating in a very fun effort to write a series of papers ...