About Rafeeq Rehman
Consultant, Author, Researcher.
There is a lot going on with Cloud computing, containers and micro services. Following is a summary of what information security professionals need to know about one very important idea: the Service Mesh. What is it? Service Mesh controls, monitors, … Continue reading →
Like this:
Like Loading...
The PDF version of my latest book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” is now available for download. You can share this link, print it, and use it … Continue reading →
Like this:
Like Loading...
There are few things that every architect should do but most forget. As you know, there is no shortage of technology architecture frameworks and standards. You may have come across TOGAF for enterprise architecture and SABSA (Sherwood Applied Business Security … Continue reading →
Like this:
Like Loading...
My latest book “Cybersecurity Arm Wrestling: Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” is published and available on amazon.com worldwide. This is a relatively short book with 11 chapters, three sections and about … Continue reading →
Like this:
Like Loading...
The final draft of “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” book is complete and is available for download and your comments. The book consists of ten chapters as … Continue reading →
Like this:
Like Loading...
Over years of my professional work and research, I found six ingredients absolutely necessary for success of any SOC, big or small. When you combine these ingredients with continuous improvement activities, you will get excellent business results. On the other … Continue reading →
Like this:
Like Loading...
Draft of Chapter 7 of my book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center” is complete and available for download. This chapter is about “Operate” part of the “Plan-Design-Build-Operate” strategy and … Continue reading →
Like this:
Like Loading...
Historically Security Operations Centers (SOC) have been a combination of people, processes, and technology designed to protect information systems, detect and respond to incidents to minimize damage. Many times SOC were built to meet fundamental needs for log collection and … Continue reading →
Like this:
Like Loading...
Once SOC analysts declare an event as a security incident, the CSIRT takes the ownership of the incident, take necessary actions and close it. The objective of CSIRT is to execute workflow for responding to the incidents once it is … Continue reading →
Like this:
Like Loading...
With digital economy taking a foothold, the CISO’s work is just getting more complex as new technologies are adopted by businesses, strict privacy laws are enacted globally, and attack surface is expanding by each day. Networks are no longer confined to data centers or corporate offices, and older ideas of managing security operations are obsolete. Continue reading →
Like this:
Like Loading...
Posted in InfoSec, SOC
|
Tagged API, automation, cloud, containers, DFIR, forensic, IoT, Open Source, serverless, SOC, SOC conference
|
