How to build and run in-house SOC (ENG)

Online workshop

Date

1 - 2 July 2020

Trainer

Juraj Přibyl

Security Operation Center Manager | NN Group

A detailed overview of the most important "best practices" from a specialist who is responsible for the development, strategy and operation of a global in-house SOC incl. 12 countries around the world since 2015.

Table of content

• SOC – The beginning
  • SOC Fundamental components
  • SOC Strategy
  • SOC Charter / Mandate
  • Governance and org. structure
  • Legal and Industry Requirements
  • Identify and understand your customers (internal vs external)
• SOC Components
  • Incident detection
  • Incident response 
  • Threat Intelligence 
  • Threat Hunting
  • Forensics
  • Vulnerability assessment and configuration monitoring
  • Pen testing 
  • Red Team
• Operations
  • Human resources
  • Processes
  • Technology
  • Use Cases
  • Daily operations
• How to define SLAs and Incident classification
• SOC Maturity and Metrics

Target Audience

• CISO
• Security Operation Center Manager
• Security Manager
• Security Operator
• Security Specialist
• Security Auditor
• Security Consultant

This workshop is not intended for beginners, but for managers and specialists in the field  of security strategy, development and management of daily  tasks operation  in the organizations.

Duration: 2 x 4 hours (13:00 -17:00)

Maximum number of participants: 25

The follow-up workshop will be a hands-on version of the training How to spot and defend against adversaries movements in the network (MITTRE ATT&CK HandsOn Training Vol. 1), incl. real use cases prepared in a cloud environment for defensive and offensive security.