How to build and run in-house SOC
A detailed overview of the most important "best practices" from a specialist who has been responsible for the development, strategy and operation of a global in-house SOC covering 12 countries around the world since 2015.
Table of contents
- SOC – The beginning
- SOC Fundamental components
- SOC Strategy
- SOC Charter / Mandate
- Governance and organizational structure
- Legal and Industry Requirements
- Identify and understand your customers (internal vs external)
- SOC Components
- Incident detection
- Incident response
- Threat Intelligence
- Threat Hunting
- Forensics
- Vulnerability assessment and configuration monitoring
- Pen testing
- Red Team
- Operations
- Human resources
- Processes
- Technology
- Use Cases
- Daily operations
- How to define SLAs and Incident classification
- SOC Maturity and Metrics
Target Audience
- CISO
- Security Operation Center Manager
- Security Manager
- Security Operator
- Security Specialist
- Security Auditor
- Security Consultant
This workshop is not intended for beginners, but for managers and specialists in the field of security strategy, development and management of daily operations in organizations.
Duration: 2 x 4 hours (13:00 - 17:00)
Maximum number of participants: 25
The follow-up workshop will be a hands-on version of the training "How to spot and defend against adversaries' movements in the network" (MITRE ATT&CK Hands-On Training Vol. 1), including real use cases prepared in a cloud environment for defensive and offensive security.
Juraj Přibyl
Security Operation Center Manager | NN Group