Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019).
This talk will not help you build a SOC in only 60 minutes, but it will help you build a functional security operation over time.
Building a SOC can be daunting. This talk will look at how to pick your fights and the key battles (authentication, logging, etc.) that any operational security team needs to win. The session will discuss how to ensure you formalize existing good practices and, just as importantly, what gaps may exist in the team’s processes. It will also look at the next steps that any organization intending to set off down this road ought to consider.