Security Operations Center

August 27, 2019

SECURITY

Black Hat USA 2019 Network Operations Center

Cisco Security is honored to be a supporting partner for the Black Hat USA 2019 Network Operations Center (NOC) for the third year, joining conference producer Informa Tech (formerly UBM) and its other security partners: RSA Security, Palo Alto Networks, Ruckus, CenturyLink and Gigamon. Cisco provid…

August 5, 2019

SECURITY

When you request a .jpg and get ransomware

Security Operations Center at RSAC APJ 2019. For the 3rd year, RSA Conference 2019 APJ created an educational exhibit, sponsored by RSA, Cisco and M.Tech, to monitor the RSA Conference public Wi-Fi network provided by the Marina Bay Sands (MBS). This exhibit was created in the form of the RSA Conferen…

March 3, 2019

SECURITY

5 Cybersecurity Trends to Watch

As we are about to enter another RSA conference, it is a good time to reflect on what changes we are seeing in the cybersecurity space. Between now and RSA 2020, here are five trends that I expect to see rise to the top. 1. New world application security takes off. There is a traditional way of thi…

February 28, 2019

SECURITY

Happy Birthday, Threat Response: Only a year old, but boy have you seen some things!

Cisco Threat Response: For security analysts, by one of their own. The work of a security analyst is arduous and time-consuming but rewarding too. I know; I spent a good part of my career sitting in a seat, investigating and responding to threats in a Security Operations Center (SOC). I spent way too…

February 12, 2019

SECURITY

So You Want To Build A SOC: Security Intelligence and Technical Considerations (Part 2)

As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire: “We need a SOC.” My last post on this topic focused on the operational considerations. Now le…

March 29, 2018

SECURITY

Sign up for the Security Operations Center Tour at RSA Conference 2018

Free Expo-only Passes for RSA Conference 2018. The Security Operations Center (SOC) returns for RSA Conference 2018. You can register now for your free tour of the RSA Conference SOC, where engineers are monitoring all traffic on the Moscone Wireless Network for security threats. The SOC is sponsored…

May 31, 2017

SECURITY

The Significance of Log Sources to Building Effective Intelligence-Driven Incident Response

Many organizations today fail to acquire the visibility across their network that they need to perform efficient and effective Incident Response tasks, one of which is Intelligence-Driven Incident Response, defined as driving intelligence mechanisms to dig deeper into detecting, containing,…

April 4, 2017

SECURITY

Black Hat Asia 2017: SOC in the NOC

Detecting PowerShell Exploits. Black Hat returned to Asia again in 2017, with two days of technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at the Briefings. The backbone of the conference was the WiFi network, built on site by staff from Ruckus.…

February 20, 2017

SECURITY

A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats

At Cisco, we are often asked to take a vendor-agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models given today’s demanding security needs. However, before explaining the vari…