SOC-Class

Topic List

Twitter: @CCrowMontance

Topics Covered

Orientation

  • A Story About Telling Stories
  • Orientation: First Principles and Terminology

Business Alignment

  • Steering Committee – Phase 1: Design
  • Requirements
  • Impact
  • Charter

SOC Design

  • Functional Components
  • Presumed Organizational Support Functions
  • Functional Arrangements
  • Operational and Architectural Considerations
  • SOC Organizational Position
  • Multi-SOC Models
  • SOC and IT Relations
  • Size and Maturity
  • Size: What Does It Look Like?
  • Outsourcing Advice

Overall Program of Operations

  • Intro
  • Command Center
  • Network Security Monitoring
  • Threat Intelligence
  • Incident Response
  • Forensics
  • Self Assessment

Business Alignment

  • Defensive Topology
  • Steering Committee: Phase 2 – Build

SOC Design

  • Functional Area Work Products
  • Technology Selection
  • Physical SOC Build
  • Technology Selection

Business Alignment (2)

  • Cultural and Organizational Influence on SOC Requirements and Performance

Analysis

  • Analytical Methodology for the SOC
  • Applied ACH
  • Available Frameworks for Analysis
  • Analytical Methodology: Wrap Up

SOC Design

  • Orchestration and Automation

Staff

  • Roles
  • Hiring
  • Onboarding
  • Training
  • Meetings
  • Retention

Operations

  • Tempo
  • Pre-Forensics
  • Threat Hunting
  • Use Case Development

Metrics

  • Introduction
  • Appropriate Audience
  • Reported
  • Service Level Objectives
  • SOC Internal Health and Performance

Maturity

  • Introduction
  • SOC-CMM Walkthrough

Process

  • Sequence Walk Through

Case Study

  • Phin Phisher
  • Insiders

Questions?
