What Makes a Modern SOC
Bringing technology into the conversation, security orchestration, automation and response is a common tool used by modern SOCs, and it is key to providing mature SOC services. This is especially true for services such as incident response, which are very time dependent. Automation doesn’t have to be complex. For example, simply automating how data is shared between tools so a SOC analyst doesn’t have to log in to multiple tools can give valuable time back to the team.
Four areas are popular for automation:
- Enrichment: Improving data, eliminating manual pivots and automating workflows leading to verdicts.
- Response: Automating outcomes such as preventing access to a system or removing a file.
- Threat hunting: Taking different datapoints and using them to identify threats.
- Cyber hygiene: Automating vulnerability management, posture and configurations.
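To make the enrichment item concrete, here is an added Python example (not from the original article and not SecureX code) that joins one alert with context a SOC analyst would otherwise collect by logging in to three tools, then derives a verdict. The host names, lookup tables, verdict labels and function names are all constructed for illustration, and the IP ranges are reserved documentation addresses.

```python
import ipaddress

# Constructed sample data standing in for three separate tools (hypothetical).
ASSET_INVENTORY = {  # asset database export: host -> owner, criticality
    "fin-db-01": {"owner": "finance", "criticality": "high"},
    "kiosk-17": {"owner": "facilities", "criticality": "low"},
}
THREAT_INTEL = {  # intel feed: network -> label (documentation ranges)
    "203.0.113.0/24": "known-c2",
    "198.51.100.7/32": "scanner",
}
EDR_STATE = {"fin-db-01": "agent-healthy", "kiosk-17": "agent-missing"}

def intel_label(ip):
    """Return the intel label covering ip, or None if unlisted or malformed."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    for net, label in THREAT_INTEL.items():
        if addr in ipaddress.ip_network(net):
            return label
    return None

def verdict(e):
    """Small, auditable triage rules; unknown assets always go to a person."""
    crit = e["asset"]["criticality"]
    if crit == "unknown":
        return "needs-analyst"
    if e["intel"] == "known-c2":
        return "escalate" if crit == "high" else "investigate"
    if e["intel"] is None and e["edr"] == "agent-healthy":
        return "benign-likely"
    return "investigate"

def enrich(alert):
    """Attach asset, intel and EDR context to an alert, then add a verdict."""
    host = alert.get("host", "")
    unknown = {"owner": "unknown", "criticality": "unknown"}
    enriched = dict(alert)
    enriched["asset"] = ASSET_INVENTORY.get(host, unknown)
    enriched["intel"] = intel_label(alert.get("dest_ip", ""))
    enriched["edr"] = EDR_STATE.get(host, "unknown")
    enriched["verdict"] = verdict(enriched)
    return enriched

if __name__ == "__main__":
    alert = {"id": "A-1", "host": "fin-db-01", "dest_ip": "203.0.113.45"}
    print(enrich(alert))
```

An alert for a host missing from the inventory, or one with a malformed destination address, still produces a record rather than an exception, so gaps in the source data surface as analyst work instead of silently dropped alerts.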
Conclusion
Every organization should have a SOC, and that SOC should provide security services. Those services are graded based on maturity, and orchestration/automation is needed to reach a high maturity ranking, which is what makes a modern SOC. Cisco can help your organization’s SOC reach a high maturity ranking through our DevOps certification programs and SecureX tool, which provides security orchestration, automation and response at no additional cost when investing in Cisco Security.
Learn how to apply DevOps within your organization in a simplified manner. Access Cisco Secure and free DevOps training at https://developer.cisco.com.
Joseph Muniz is Technical Solutions Architect in the Americas Security Sales Organization at Cisco Systems. Joseph started his career in software development and later managed networks as a contracted technical resource before moving into consulting, where he discovered a passion for security while meeting with a variety of customers.
Joseph has been involved with the design and implementation of multiple security projects, ranging from Fortune 500 corporations to large federal networks.
The author and contributor of several books, Joseph has also spoken at popular security conferences such as RSA, Cisco Live, ISC2 and DEF CON.
Joseph’s current role gives him visibility into the latest trends in cyber security both from leading vendors and customers.
This guest blog is part of a Channel Futures sponsorship.