Running a Security Operations Center - Challenges, Solutions and Key Learnings
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the challenges, solutions, and key learnings from operationalizing a Security Operations Center in this 47-minute Black Hat conference talk. Gain insights into increasing threat hunting coverage for on-premise and cloud environments, implementing behavioral analytics for anomaly detection, and enhancing SOC capabilities for rapid product deployment and validation. Discover strategies for addressing operational issues, understanding risk tolerance, ensuring regulatory compliance, and managing various domains of risk. Learn about decryption techniques, the importance of metadata analysis, targeted inspection methods, and the integration of inline solutions. Examine the relationship between network and security operations, and understand the role of automation in modern SOC management.
Syllabus
Introduction
Risk Tolerance
Regulation Compliance
Capabilities
Domains of Risk
Challenges
The Problem
The Solution
Decrypting
Metadata
Network metadata
Targeted inspection
Inline solutions
Network vs Security
Automation
Taught by
Black Hat
Related Courses
Introduction to FinanceUniversity of Michigan via Coursera Information Security and Risk Management in Context
University of Washington via Coursera Financial Engineering and Risk Management
Columbia University via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Caries Management by Risk Assessment (CAMBRA)
University of California, San Francisco via Coursera