Description
Security Operations Center
Building, Operating, and Maintaining your SOC
Authors: Muniz Joseph, McIntyre Gary, AlFardan Nadhem
Language: English
Subject for Security Operations Center:
Keywords
SOC; network security; information security; cyber security; cybersecurity; cyber war; cyber warfare; infosec; threat detection; threat response; security + maturity model; dedicated SOC; virtual SOC; ; Cybersecurity Specialist; cisco ; Cybersecurity Specialist; threat detection; ; 600-199 SCYBER; ; SCYBER
51.64 €
In Print (Delivery period: 14 days).
Add to cart
the book of Muniz Joseph, McIntyre Gary, AlFardan Nadhem
448 p. · 19x23 cm · Paperback
Description
/li>Biography
/li>Comment
/li>
Security Operations Center
Building, Operating, and Maintaining Your SOC
The complete, practical guide to planning, building, and operating an effective Security Operations Center (SOC)
Security Operations Center is the complete guide to building, operating, and managing Security Operations Centers in any environment. Drawing on experience with hundreds of customers ranging from Fortune 500 enterprises to large military organizations, three leading experts thoroughly review each SOC model, including virtual SOCs. You?ll learn how to select the right strategic option for your organization, and then plan and execute the strategy you?ve chosen.
Security Operations Center walks you through every phase required to establish and run an effective SOC, including all significant people, process, and technology capabilities. The authors assess SOC technologies, strategy, infrastructure, governance, planning, implementation, and more. They take a holistic approach considering various commercial and open-source tools found in modern SOCs.
This best-practice guide is written for anybody interested in learning how to develop, manage, or improve a SOC. A background in network security, management, and operations will be helpful but is not required. It is also an indispensable resource for anyone preparing for the Cisco SCYBER exam.
· Review high-level issues, such as vulnerability and risk management, threat intelligence, digital investigation, and data collection/analysis
· Understand the technical components of a modern SOC
· Assess the current state of your SOC and identify areas of improvement
· Plan SOC strategy, mission, functions, and services
· Design and build out SOC infrastructure, from facilities and networks to systems, storage, and physical security
· Collect and successfully analyze security data
· Establish an effective vulnerability management practice
· Organize incident response teams and measure their performance
· Define an optimal governance and staffing model
· Develop a practical SOC handbook that people can actually use
· Prepare SOC to go live, with comprehensive transition plans
· React quickly and collaboratively to security incidents
· Implement best practice security operations, including continuous enhancement and improvement
Joseph Muniz is a consultant at Cisco Systems and security researcher. Joseph started his career in software development and later managed networks as a contracted technical resource. Joseph moved into consulting and found a passion for security while meeting with a variety of customers. He has been involved with the design and implementation of multiple projects, ranging from Fortune 500 corporations to large federal networks. Joseph is the author of and contributor to several books and is a speaker for popular security conferences. Check out his blog, http://www.thesecurityblogger.com, which showcases the latest security events, research, and technologies.
Gary McIntyre is a seasoned information security professional focusing on the development and operation of large-scale information security programs. As an architect, manager, and consultant, he has worked with a wide range of public and private sector organizations around the world to design, build, and maintain small to large security operations teams. He currently holds a Masters degree from the University of Toronto and has also been a long-time (ISC)2 instructor.
Dr. Nadhem AlFardan has more than 15 years of experience in the area of information security and holds a Ph.D. in Information Security from Royal Holloway, University of London. Nadhem is a senior security solution architect working for Cisco Systems. Before joining Cisco, he worked for Schlumbeger and HSBC. Nadhem is CISSP certified and is an ISO 27001 lead auditor. He is also CCIE Security certified. In his Ph.D. research, Nadhem published a number of papers in prestige conferences, such as IEEE S&P and USENIX Security, mainly around cryptoanalysis topics. His work involved him working with organizations such as Google, Microsoft, Cisco, Mozilla, OpenSSL, and many other
- How to organize IT security for an era of unprecedented, fast-changing, and increasingly complex threats
- Thoroughly introduces SOC roles, technologies, and use cases
- Helps students systematically assess the maturity of existing security operation environments, and then improve them
- Guides students through developing their own SOC "playbook"
