Security Operations Center
Black Hat USA 2019 Network Operations Center
Cisco Security is honored to be a supporting partner for the Black Hat USA 2019 Network Operations Center (NOC) for the third year; joining conference producer Informa Tech (formerly UBM) and its other security partners: RSA Security, Palo Alto Networks, Ruckus, CenturyLink and Gigamon. Cisco provid…
When you request a .jpg and get ransomware
Security Operations Center at RSAC APJ 2019 For the 3rd year, RSAConference 2019 APJ created an educational exhibit, sponsored by RSA, Cisco and M.Tech, to monitor the RSA Conference public Wi-Fi network provided by the Marina Bay Sands (MBS). This exhibit was created in the form of the RSA Conferen…
5 Cybersecurity Trends to Watch
As we are about to enter another RSA conference, it is a good time to reflect on what changes we are seeing in the cybersecurity space. Between now and RSA 2020, here are five trends that I expect to see rise to the top. 1. New world application security takes off. There is a traditional way of thi…
Happy Birthday, Threat Response: Only a year old, but boy have you seen some things!
Cisco Threat Response: For security analysts, by one of their own The work of a security analyst is arduous and time consuming but rewarding too. I know, I spent a good part of my career sitting in a seat, investigating and responding to threats in a Security Operations Center (SOC). I spent way too…
So You Want To Build A SOC: Security Intelligence and Technical Considerations (Part 2)
As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire: “We need a SOC.” My last post on this topic focused on the operational considerations. Now le…
Sign up for the Security Operations Center Tour at RSA Conference 2018
Free Expo-only Passes for RSA Conference 2018 The Security Operations Center (SOC) returns for RSA Conference 2018. You can register now for your free tour of the RSA Conference SOC, where engineers are monitoring all traffic on the Moscone Wireless Network for security threats. The SOC is sponsored…
The Significance of Log Sources to Building Effective Intelligence-Driven Incident Response
Many organizations today fail in adequately acquiring the necessary visibility across their network to perform efficient and effective Incident Response tasks, one of which is Intelligence-Driven Incident Response; defined as driving intelligence mechanisms to dig deeper into detecting, containing,…
Black Hat Asia 2017: SOC in the NOC
Detecting PowerShell Exploits Black Hat returned to Asia again in 2017, with two days of technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at the Briefings. The backbone of the conference was the WiFi network, built on site by staff from Ruckus.…
A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats
At Cisco, we are often asked to take a vendor agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models in today’s demanding security needs. However, before explaining the vari…