Blog - Cyber Security Informer

What is a Security Operations Center (SOC)? Definition, Scope, Roles, and Benefits.

Heimadal Security

APRIL 15, 2022

The Security Operations Center or S.O.C is the preferred trade-off between defense reinforcement, security ‘frameworking’ & ‘blueprinting’, global policy enforcement, active threat-hunting, and auditing. A SOC team is comprised of software engineers, pen-testers, and security […].

Engineering

Engineering Software Risk Education

Security operations center, Part 2: Life of a SOC analyst

Security Boulevard

FEBRUARY 26, 2021

In the first part of this blog series, we saw a brief overview of what a security operations center (SOC) is and how it operates. In this part, we’ll take a look at the typical activities that SOC analysts carry ….

Cybersecurity

How to Banish Heroes from Your SOC?

Anton on Security

OCTOBER 12, 2023

This blog was born from two parents: my never-finished blog on why relying on heroism in a Security Operations Center (SOC) is bad and Phil Venables “superb+” blog titles “Delivering Security at Scale: From Artisanal to Industrial.” First, where might this show up in your SOC?

Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Anton’s Security Blog Quarterly Q2 2022

Anton on Security

MAY 25, 2022

Great blog posts are sometimes hard to find (especially on Medium ), so I decided to do a periodic list blog with my favorite posts of the past quarter or so. This covers both Anton on Security and my posts from Google Cloud blog , and our Cloud Security Podcast too ( subscribe ). Here is the next one.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Stealing More SRE Ideas for Your SOC

Anton on Security

DECEMBER 21, 2021

As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng” ), your Security Operations Center (SOC) can learn a lot from what IT operations learned during the SRE revolution. evolving automation. evolving automation.

Engineering

Engineering Phishing Technology Ransomware

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of…

Anton on Security

JANUARY 10, 2022

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4) Sorry, it took us a year (long story), but paper #3 in Deloitte/Google collaboration on SOC is finally out. Enjoy “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” [PDF].

Engineering

Engineering Technology Cybersecurity

WTH is Modern SOC, Part 1

Anton on Security

DECEMBER 8, 2023

In recent weeks, coincidentally, I’ve had several conversations that reminded me about the confusion related to “modern SOC.” One particular person went on a quest through several “leading” companies’ security operations to see how they have implemented a “modern” SOC. long story, probably Part 3 of this blog :-)].

Engineering

Engineering Phishing

New Paper: “Future of the SOC: Evolution or Optimization?—?Choose Your Path” (Paper 4 of 4.5)

Anton on Security

JANUARY 18, 2024

New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5)

Technology

Technology Risk Architecture

Kill SOC Toil, Do SOC Eng

Anton on Security

AUGUST 30, 2021

As you are reading our recent paper “Autonomic Security Operations?—?10X 10X Transformation of the Security Operations Center” , some of you may think “Hey, marketing inserted that 10X thing in there.” Does this remind you of SOC analyst work? But before we go there: where is that 10X?

Engineering

Engineering Marketing Education Threat Detection

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

The Last Watchdog

OCTOBER 23, 2023

Cisco’s $28 billion acquisition of Splunk comes at an inflection point of security teams beginning to adopt to working with modern, cloud-native data lakes. Related: Dasera launches new Snowflake platform For years, Splunk has been the workhorse SIEM for many enterprise Security Operation Centers (SOCs).

Architecture

Architecture Threat Detection Engineering Data collection

New Paper: “Future of the SOC: SOC People?—?Skills, Not Tiers”

Anton on Security

DECEMBER 22, 2020

New Paper: “Future of the SOC: SOC People?—?Skills, Deloitte Security Operations Center (SOC) paper titled “Future of the SOC: Forces shaping modern security operations” ( launch blog , paper PDF ) and promised a series of three more papers covering SOC people, process and technology.

Technology

Novel Threat Tactics, Notable Vulnerabilities, and Current Trends for April 2024

Security Boulevard

MAY 17, 2024

In April, the team discussed threat intelligence, vulnerabilities and trends, security operations center (SOC) engineering insights, threat hunting, and detection engineering. The post Novel Threat Tactics, Notable Vulnerabilities, and Current Trends for April 2024 appeared first on Security Boulevard.

Engineering

Engineering Cybersecurity

Cloud Security Podcast by Google?—?Popular Episodes by Topic

Anton on Security

APRIL 7, 2022

Cloud Security Podcast by Google?—?Popular Data security “Data Security in the Cloud“ “Modern Data Security Approaches: Is Cloud More Secure?” Popular Episodes by Topic This is simply a post that categorizes our podcast episodes by topic and then by download/listen count.

Cloud Migration

Cloud Migration Threat Detection CISO Engineering

More SRE Lessons for SOC: Simplicity Helps Security

Anton on Security

NOVEMBER 17, 2022

This sounds abstract and philosophical, how can it help my SOC today? So, yes, this is a big part of why security is fun, but also tricky. Phil’s 8 megatrends blog reminds us about this by calling one of his cloud megatrends “Simplicity: Cloud as an abstraction machine.” and security issues are often rooted in surprise.”

Engineering

Engineering Software Data collection Architecture

Anton’s Security Blog Quarterly Q3 2021

Security Boulevard

SEPTEMBER 16, 2021

Sometimes great old blog posts are hard to find (especially on Medium ), so I decided to do a periodic list blog with my favorite posts over the past quarter. This covers both Anton on Security and my posts from Google Cloud blog , and now our Cloud Security Podcast too! Beware: Clown-grade SOCs Still Abound””.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

New Paper: “Autonomic Security Operations?—?10X Transformation of the Security Operations Center”

Anton on Security

JULY 21, 2021

New Paper: “Autonomic Security Operations?—?10X 10X Transformation of the Security Operations Center” It is with much excitement that we announce a new paper about transforming your security operations ; it is published under the Office of the CISO at Google Cloud. What is the “O” in SOC?

System Administration

System Administration Engineering CISO Technology

More SRE Lessons for SOC: Release Engineering Ideas

Anton on Security

AUGUST 31, 2022

First, we need to address the elephant in the room, ahem, in the SOC. Namely, people who hear about “release engineering” and say: my SOC neither releases nor engineers. So, how can people who think their SOC does not “release” anything because “we just use alerts spawned by rules from somebody else” learn from the SREs here?

Engineering

Engineering Risk

Insights into SOC metrics, recent SOC Engineering Exercises, and more

Security Boulevard

JANUARY 4, 2024

In November, the team discussed notable vulnerabilities and trends, gave a crash course on security operations center (SOC) metrics, and provided insights on a recent SOC engineering exercise. The post Insights into SOC metrics, recent SOC Engineering Exercises, and more appeared first on Pondurance.

Engineering

Engineering Cybersecurity

WTH is Modern SOC, Part 1

Security Boulevard

DECEMBER 8, 2023

In recent weeks, coincidentally, I’ve had several conversations that reminded me about the confusion related to “modern SOC.” One particular person went on a quest through several “leading” companies’ security operations to see how they have implemented a “modern” SOC. long story, probably Part 3 of this blog :-)].

Engineering

Engineering Phishing

Training Will Be Key to Retaining SOC Analysts

IT Security Central

APRIL 7, 2022

Working in a Security Operations Center (SOC) is like working in an emergency room on a weekend shift at 2 AM. The post Training Will Be Key to Retaining SOC Analysts first appeared on IT Security Central - Teramind Blog.

Information Security

Anton’s Security Blog Quarterly Q3 2021

Anton on Security

SEPTEMBER 16, 2021

Sometimes great old blog posts are hard to find (especially on Medium ), so I decided to do a periodic list blog with my favorite posts over the past quarter. This covers both Anton on Security and my posts from Google Cloud blog , and now our Cloud Security Podcast too! Here is the next one. Now, posts by topic.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

New Paper: “Future of the SOC: Evolution or Optimization?—?Choose Your Path” (Paper 4 of 4.5)

Security Boulevard

JANUARY 18, 2024

New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5)

Technology

Technology Risk Architecture Government

A Beginner’s Guide to SOCaaS

Security Boulevard

APRIL 5, 2022

A security operations center (SOC) serves specific and important functions in strengthening the cybersecurity defenses of any organization. SOC as a Service (SOCaaS) uses a different…. The post A Beginner’s Guide to SOCaaS appeared first on Security Boulevard.

Security Awareness

Security Awareness Risk Cybersecurity

More SRE Lessons for SOC: Simplicity Helps Security

Security Boulevard

NOVEMBER 17, 2022

This sounds abstract and philosophical, how can it help my SOC today? So, yes, this is a big part of why security is fun, but also tricky. Phil’s 8 megatrends blog reminds us about this by calling one of his cloud megatrends “Simplicity: Cloud as an abstraction machine.” and security issues are often rooted in surprise.”.

Engineering

Engineering Software Data collection Architecture

Video: Modernizing Phoenix’s Cybersecurity to Combat Nation-State Attacks

Security Boulevard

DECEMBER 15, 2022

Lawson and Coulehan have been partnering together for almost three years to transform the City’s cybersecurity initiatives and Security Operations Center (SOC). . The post Video: Modernizing Phoenix’s Cybersecurity to Combat Nation-State Attacks appeared first on Security Boulevard.

Cybersecurity

Cybersecurity CISO CSO Threat Detection

A Look Into Purple Fox’s Server Infrastructure

Trend Micro

DECEMBER 12, 2021

By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers (SOCs), and security researchers find and weed out Purple Fox infections in their network.

Malware

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Anton on Security

FEBRUARY 26, 2021

Those who follow me on social media already knows this, but we have launched THE Cloud Security Podcast. The whole story from our GCP blog is cross-posted below: Security continues to be top of mind for large enterprises as well as smaller organizations and businesses. You can also download the episodes directly here.

Cloud Migration

Cloud Migration Network Security Banking Media

SOC Trends ISACA Webinar Q&A

Anton on Security

MAY 13, 2021

A few days ago we did a very well-attended webinar focused on the modern Security Operations Center (SOC) approach (see “Trend for the Modern SOC” for a replay link). We got a lot of great questions, and just like in the good old times , I am writing a blog where I cover some of the answers. Outside USA?

Risk

Risk Threat Detection Technology Cybersecurity

More SRE Lessons for SOC: Release Engineering Ideas

Security Boulevard

AUGUST 31, 2022

First, we need to address the elephant in the room, ahem, in the SOC. Namely, people who hear about “release engineering” and say: my SOC neither releases nor engineers. So, how can people who think their SOC does not “release” anything because “we just use alerts spawned by rules from somebody else” learn from the SREs here?

Engineering

Engineering Risk Government Network Security

What is Anomaly Detection in Cybersecurity?

Security Boulevard

JULY 21, 2021

Security Operations Center (SOC) analysts use each of these approaches to varying degrees of effectiveness in Cybersecurity applications. Security Operations Center (SOC) analysts use each of these approaches to varying degrees of effectiveness in Cybersecurity applications.

Cybersecurity

Cybersecurity Banking Cyber threats

Stealing More SRE Ideas for Your SOC

Security Boulevard

DECEMBER 21, 2021

As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng” ), your Security Operations Center (SOC) can learn a lot from what IT operations learned during the SRE revolution. evolving automation. evolving automation.

Engineering

Engineering Phishing Technology Ransomware

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of…

Security Boulevard

JANUARY 10, 2022

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4). Sorry, it took us a year (long story), but paper #3 in Deloitte/Google collaboration on SOC is finally out. Enjoy “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” [PDF].

Engineering

Engineering Technology Risk Government

GUEST ESSAY: Advanced tools are ready to help SMBs defend Microsoft 365, Google Workspace

The Last Watchdog

FEBRUARY 7, 2023

Another report by Vade completed last year found that 87 percent of respondents agreed their organization could take the threat from email security more seriously. Secure email gateways (SEGs) are a common solution used by businesses both large and small to analyze emails for malicious content before they’re able to reach corporate systems.

Small Business

Small Business Technology Cyber Attacks Cybersecurity

The Traditional SOC Is Dead, Long Live the Remote SOC

Security Boulevard

FEBRUARY 24, 2021

If you haven't read our 2021 Cybersecurity predictions blog and whitepaper , I recommend that you do. In it, you'll find one prediction that might be somewhat controversial—the death of the Security Operations Center (SOC). I run IntelliGO's Threat Hunting team and what would historically have been called our SOC.

Technology

Technology Cybersecurity

Netography Fusion Advances Network Security and Visibility with Multiple Updates

Security Boulevard

SEPTEMBER 28, 2022

The latest release of Netography Fusion provides much more functionality and an improved customer experience for security operations center (SOC) and cloud operations teams. The post Netography Fusion Advances Network Security and Visibility with Multiple Updates appeared first on Netography.

Network Security

Stories from the SOC – Data exfiltration

CyberSecurity Insiders

OCTOBER 11, 2021

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. The post Stories from the SOC – Data exfiltration appeared first on Cybersecurity Insiders.

Threat Detection

Threat Detection Cybersecurity Malware Cyber threats

The Traditional SOC Is Dead, Long Live the Remote SOC

Security Boulevard

FEBRUARY 25, 2021

If you haven't read our 2021 Cybersecurity predictions blog and whitepaper , I recommend that you do. In it, you'll find one prediction that might be somewhat controversial—the death of the Security Operations Center (SOC). I run IntelliGO's Threat Hunting team and what would historically have been called our SOC.

Technology

Technology Cybersecurity

7 Considerations for Establishing an Effective SOC

Security Boulevard

AUGUST 19, 2021

For many organizations, the SOC is their “first line of defense” A Security Operations Center (SOC) can be defined as a centralized team within an organization that monitors the information technology environment for incidents and provides direct support of the cybersecurity incident response process.

Technology

Technology Cybersecurity InfoSec

Kill SOC Toil, Do SOC Eng

Security Boulevard

AUGUST 30, 2021

As you are reading our recent paper “Autonomic Security Operations?—?10X 10X Transformation of the Security Operations Center” , some of you may think “Hey, marketing inserted that 10X thing in there.”. Does this remind you of SOC analyst work? Well, it is an exact match, no need to write any regexes here….

Engineering

Engineering Marketing Education Threat Detection

Cloud Security Podcast by Google?—?Popular Episodes by Topic

Security Boulevard

APRIL 7, 2022

Cloud Security Podcast by Google?—?Popular Data Security in the Cloud“. Security Operations Center (SOC). SOC in a Large, Complex and Evolving Organization”. EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud”. Threat Detection at Google Cloud Security Summit”.

Cloud Migration

Cloud Migration Threat Detection CISO Engineering

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Security Boulevard

FEBRUARY 26, 2021

Those who follow me on social media already knows this, but we have launched THE Cloud Security Podcast. The whole story from our GCP blog is cross-posted below: Security continues to be top of mind for large enterprises as well as smaller organizations and businesses. You can also download the episodes directly here.

Cloud Migration

Cloud Migration Network Security Banking Media

Why MITRE ATT&CK Matters?

McAfee

MARCH 9, 2021

In a Security Operations Center (SOC) this resource is serving as a progressive framework for practitioners to make sense of the behaviors (techniques) leading to system intrusions on enterprise networks. MITRE ATT&CK enterprise is a “knowledge base of adversarial techniques ”.

Marketing

Marketing Ransomware Malware Risk

Migrate Off That Old SIEM Already!

Anton on Security

FEBRUARY 5, 2024

If you are like us, you may be surprised that, in 2024, traditional security information and event management (SIEM) systems are still the backbone of most security operations centers (SOC). That’s where this blog comes in. This question is inextricably linked to cost.

Threat Detection

Threat Detection Engineering Artificial Intelligence Risk

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. The incident may cause delays for online payment processing operated by Dallas Water Utilities. ” reported the website of Fox4News.

Ransomware

Ransomware Healthcare Education Encryption

What is a Security Operations Center (SOC)? Definition, Scope, Roles, and Benefits.

Security operations center, Part 2: Life of a SOC analyst

Webinars

Trending Sources

How to Banish Heroes from Your SOC?

Webinars

Anton’s Security Blog Quarterly Q2 2022

Stealing More SRE Ideas for Your SOC

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of…

WTH is Modern SOC, Part 1

New Paper: “Future of the SOC: Evolution or Optimization?—?Choose Your Path” (Paper 4 of 4.5)

Kill SOC Toil, Do SOC Eng

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

New Paper: “Future of the SOC: SOC People?—?Skills, Not Tiers”

Novel Threat Tactics, Notable Vulnerabilities, and Current Trends for April 2024

Cloud Security Podcast by Google?—?Popular Episodes by Topic

More SRE Lessons for SOC: Simplicity Helps Security

Anton’s Security Blog Quarterly Q3 2021

New Paper: “Autonomic Security Operations?—?10X Transformation of the Security Operations Center”

More SRE Lessons for SOC: Release Engineering Ideas

Insights into SOC metrics, recent SOC Engineering Exercises, and more

WTH is Modern SOC, Part 1

Training Will Be Key to Retaining SOC Analysts

Anton’s Security Blog Quarterly Q3 2021

New Paper: “Future of the SOC: Evolution or Optimization?—?Choose Your Path” (Paper 4 of 4.5)

A Beginner’s Guide to SOCaaS

More SRE Lessons for SOC: Simplicity Helps Security

Video: Modernizing Phoenix’s Cybersecurity to Combat Nation-State Attacks

A Look Into Purple Fox’s Server Infrastructure

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

SOC Trends ISACA Webinar Q&A

More SRE Lessons for SOC: Release Engineering Ideas

What is Anomaly Detection in Cybersecurity?

Stealing More SRE Ideas for Your SOC

New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of…

GUEST ESSAY: Advanced tools are ready to help SMBs defend Microsoft 365, Google Workspace

The Traditional SOC Is Dead, Long Live the Remote SOC

Netography Fusion Advances Network Security and Visibility with Multiple Updates

Stories from the SOC – Data exfiltration

The Traditional SOC Is Dead, Long Live the Remote SOC

7 Considerations for Establishing an Effective SOC

Kill SOC Toil, Do SOC Eng

Cloud Security Podcast by Google?—?Popular Episodes by Topic

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Why MITRE ATT&CK Matters?

Migrate Off That Old SIEM Already!

City of Dallas shut down IT services after ransomware attack

Stay Connected