SOC staff is dealing with threats and investigations on regular basis every day. In many cases these threats are repetitive. Dealing with continuous onslaught of Cyber threats makes SOC staff stressed. Stress and burnout are real problem. What is stress? … Continue reading
Please note that an updated 2021 version of MindMap is available at https://rafeeqrehman.com/2021/07/11/ciso-mindmap-2021-what-do-infosec-professionals-really-do/ Most people outside Cybersecurity profession don’t fully realize and appreciate the complexity of security professionals’ job. I have been publishing and updating this MindMap for many years, … Continue reading
Winning the perpetual fight against crime by building a modern Security Operations Center I am happy to announce that first three chapters of my book “Cybersecurity Arm Wrestling: Winning the perpetual fight against crime by building a modern Security Operations … Continue reading
View post to subscribe to site newsletter.
Collecting and processing security logs is one of the primary function of any SOC. Log sources vary widely, starting from security device logs, network components, applications, servers and many others. Continue reading
Just published first chapter draft of the my latest book: “CyberSecurity Arm Wrestling: Winning the perpetual fight against crime by building a modernSecurity Operations Center“. This chapter is available for immediate download by clicking here. The chapter covers the following … Continue reading
Logs provide a wealth of information and that is one of the reasons that almost all security standards and frameworks (NIST, ISO, PCI, and others) emphasize on collection, storage, and analysis of log data as one of the key aspects … Continue reading
While doing research on my upcoming book about running a successful Security Operations Center (SOC), I have interviewed people who have built and run SOC as well as survey reports from organizations like SANS and others. Overall it is a … Continue reading
While defining SOC mission and goals are key starting points, defining SOC scope is crucial to manage the overall SOC project and break a large multi-year project into smaller phases and milestones. This also helps in managing cost and simplify … Continue reading
SOC Planning – Defining SOC Scope Defining scope for the SOC is crucial for its success and to determine stakeholders for the SOC. The scope will help determine cost, associates needed to run the SOC, SOC processes and many other … Continue reading
Sometime back I published an article “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider while making a decision about establishing an internal Security Operations Center. Since then, many people … Continue reading