Scribd Logo
Upload

Welcome to Scribd!

  • 1st Week - Introduction Soc PDF

    Uploaded by

    Rajendra N
    28 views20 pages
    The document provides an overview of a planned 4-week training on security operations center (SOC) topics. Week 1 will cover an introduction to SOC. Week 2 will discuss basic security concepts like Linux, networking, and implementing a SOC or security information and event management (SIEM) system. Week 3 will involve SOC analyst life scenarios. The document then provides more details on introducing SOC, the different types of SOCs, roles within a SOC, how SOCs work with SIEMs to collect and analyze log data, and common SOC tools.

    Original Description:

    Original Title

    1st week -introduction soc .pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides an overview of a planned 4-week training on security operations center (SOC) topics. Week 1 will cover an introduction to SOC. Week 2 will discuss basic security concepts like Linux, networking, and implementing a SOC or security information and event management (SIEM) system. Week 3 will involve SOC analyst life scenarios. The document then provides more details on introducing SOC, the different types of SOCs, roles within a SOC, how SOCs work with SIEMs to collect and analyze log data, and common SOC tools.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    28 views20 pages

    1st Week - Introduction Soc PDF

    Uploaded by

    Rajendra N
    The document provides an overview of a planned 4-week training on security operations center (SOC) topics. Week 1 will cover an introduction to SOC. Week 2 will discuss basic security concepts like Linux, networking, and implementing a SOC or security information and event management (SIEM) system. Week 3 will involve SOC analyst life scenarios. The document then provides more details on introducing SOC, the different types of SOCs, roles within a SOC, how SOCs work with SIEMs to collect and analyze log data, and common SOC tools.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    Planning

    Weeks Topics Name

    1st week Introduction SOC

    2nd week Basic Security ( Linux & Networking )

    3rd week SOC OR SIEM Implement

    4th Week SOC Analyst life scenario


    Introduction to
    SOC

    Boni Yeamin
    Cyber Security Analyst
    Cybersecurity Audit & Resilient Enterprise
    WHO I AM ?

    ❖ Cyber Security Analyst


    ❖ SOC Builder
    ❖ CTF Player
    ❖ Lover
    ❖ Brother
    Agenda

    ❏ Introduction to SOC
    ❏ SOC Types
    ❏ Different Roles in SOC
    ❏ SOC Analyst and Their Responsibilities
    ❏ SIEM and Analyst Relationship
    ❏ Log types & Management
    ❏ EDR - XDR
    ❏ SOC Tools
    ❏ SIEM Tools
    Introduction

    What is Soc ?

    The function of the security operations center


    (SOC) is to monitor, prevent, detect, investigate,
    and respond to cyber threats around the clock.
    SOC teams are charged with monitoring and
    protecting the organization's assets including
    intellectual property, personnel data, business
    systems, and brand integrity.
    What is soc Analyst

    A SOC (Security Operations Center) Analyst


    is a cybersecurity professional responsible for
    monitoring, analyzing, and responding to
    security threats to an organization's
    information systems and networks.
    SOC Types

    Types Of SOC Models

    ❏ In-house SOC
    ❏ In-house Virtual SOC
    ❏ Co-Managed SOC
    ❏ Outsourced Virtual SOC
    Different Roles in SOC

    ❏ Tier 1. Security Analyst ,Incident


    Responder ,Security Operator
    ❏ Tier 2. Security Investigator
    ❏ Tier 3. Advanced Security Analyst
    ,Threat Hunter
    ❏ SOC manager
    ❏ Security Engineers/Architects
    Roles & Responsibilities
    SIEM

    Security Information and Event


    Management (SIEM) is a security solution
    that collects, analyzes, and correlates
    security-related data from multiple sources in
    real-time. The main objectives of SIEM are to
    provide centralized visibility into an
    organization's security posture, detect
    security incidents, and simplify incident
    response.
    SIEM use case
    SOC and SIEM Analyst Relationship

    SOC= security operations center

    SIM =security information Management

    SEM=security event Management


    Log types & Management

    ❏ System logs
    ❏ Application logs
    ❏ Security logs
    ❏ Audit logs
    ❏ Network logs
    ❏ Access logs
    ❏ Performance logs
    EDR - Endpoint Detection and Response

    Key features of EDR solutions include:

    ❏ Endpoint monitoring: Continuously monitor


    endpoint activity to detect and respond to security
    incidents.
    ❏ Threat detection: Use machine learning algorithms
    and threat intelligence to detect known and unknown
    threats.
    ❏ Incident response: Automate incident response
    procedures to minimize the impact of security
    incidents.
    ❏ Forensics: Provide detailed forensic information
    about security incidents to aid in investigations and
    post-incident analysis.
    ❏ Compliance: Help organizations comply with security
    regulations and standards.
    10 SOC tools
    Top SIEM Tools for SOC Analysts

    ❏ Splunk
    ❏ LogRhythm
    ❏ AlienVault OSSIM
    ❏ AlienVault OSSIM
    ❏ wazuh
    How to become a soc Analyst
    Learn SOC

    Find job Create portfolio

    Blue team certification Experience


    Questions and Answers

    You might also like