Book description
The Industry Standard, Vendor-Neutral Guide to Managing SOCs and Delivering SOC Services
This completely new, vendor-neutral guide brings together all the knowledge you need to build, maintain, and operate a modern Security Operations Center (SOC) and deliver security services as efficiently and cost-effectively as possible.
Leading security architect Joseph Muniz helps you assess current capabilities, align your SOC to your business, and plan a new SOC or evolve an existing one. He covers people, process, and technology; explores each key service handled by mature SOCs; and offers expert guidance for managing risk, vulnerabilities, and compliance. Throughout, hands-on examples show how advanced red and blue teams execute and defend against real-world exploits using tools like Kali Linux and Ansible. Muniz concludes by previewing the future of SOCs, including Secure Access Service Edge (SASE) cloud technologies and increasingly sophisticated automation.
This guide will be indispensable for everyone responsible for delivering security services—managers and cybersecurity professionals alike.
- Address core business and operational requirements, including sponsorship, management, policies, procedures, workspaces, staffing, and technology
- Identify, recruit, interview, onboard, and grow an outstanding SOC team
- Thoughtfully decide what to outsource and what to insource
- Collect, centralize, and use both internal data and external threat intelligence
- Quickly and efficiently hunt threats, respond to incidents, and investigate artifacts
- Reduce future risk by improving incident recovery and vulnerability management
- Apply orchestration and automation effectively, without just throwing money at them
- Position yourself today for emerging SOC technologies
Table of contents
- Cover Page
- About This eBook
- Title Page
- Copyright Page
- Dedication
- Table of Contents
- Preface
- We Want to Hear from You!
- Reader Services
- Acknowledgments
- About the Author
- Figure Credits
Chapter 1. Introducing Security Operations and the SOC
- Introducing the SOC
- Factors Leading to a Dysfunctional SOC
- Cyberthreats
- Investing in Security
- The Impact of a Breach
- Establishing a Baseline
- Fundamental Security Capabilities
- Standards, Guidelines, and Frameworks
- Industry Threat Models
- Vulnerabilities and Risk
- Business Challenges
- In-House vs. Outsourcing
- SOC Services
- SOC Maturity Models
- SOC Goals Assessment
- SOC Capabilities Assessment
- SOC Development Milestones
- Summary
- References
Chapter 2. Developing a Security Operations Center
- Mission Statement and Scope Statement
- Developing a SOC
- SOC Procedures
- Security Tools
- Planning a SOC
- Designing a SOC Facility
- Network Considerations
- Disaster Recovery
- Security Considerations
- Internal Security Tools
- Guidelines and Recommendations for Securing Your SOC Network
- SOC Tools
- Summary
- References
Chapter 3. SOC Services
- Fundamental SOC Services
- The Three Pillars of Foundational SOC Support Services
- SOC Service Areas
- SOC Service Job Goals
- Service Maturity: If You Build It, They Will Come
- SOC Service 1: Risk Management
- SOC Service 2: Vulnerability Management
- SOC Service 3: Compliance
- SOC Service 4: Incident Management
- SOC Service 5: Analysis
- SOC Service 6: Digital Forensics
- SOC Service 7: Situational and Security Awareness
- SOC Service 8: Research and Development
- Summary
- References
Chapter 4. People and Process
- Career vs. Job
- Developing Job Roles
- SOC Job Roles
- NICE Cybersecurity Workforce Framework
- Role Tiers
- SOC Services and Associated Job Roles
- Soft Skills
- Security Clearance Requirements
- Pre-Interviewing
- Interviewing
- Onboarding Employees
- Managing People
- Job Retention
- Training
- Certifications
- Company Culture
- Summary
- References
- Chapter 5. Centralizing Data
- Chapter 6. Reducing Risk and Exceeding Compliance
- Chapter 7. Threat Intelligence
- Chapter 8. Threat Hunting and Incident Response
- Chapter 9. Vulnerability Management
- Chapter 10. Data Orchestration
- Chapter 11. Future of the SOC
- Index
Product information
- Title: The Modern Security Operations Center: The People, Process, and Technology for Operating SOC Services
- Author(s): Joseph Muniz
- Release date: May 2021
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780135619858