Security Operations Center: Building, Operating, and Maintaining your SOC (Paperback)

Joseph Muniz, Gary McIntyre, Nadhem AlFardan

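  • Publisher: Cisco Press
  • Publication date: 2015-10-29
  • List price: $1,925
  • VIP price: $1,829 (95% of list price)
  • Language: English
  • Pages: 448
  • Binding: Paperback
  • ISBN: 0134052013
  • ISBN-13: 9780134052014
  • Related category: Information Security
  • Ships immediately (stock < 3)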


Product description

Security Operations Center

Building, Operating, and Maintaining Your SOC

 

The complete, practical guide to planning, building, and operating an effective Security Operations Center (SOC)


Security Operations Center is the complete guide to building, operating, and managing Security Operations Centers in any environment. Drawing on experience with hundreds of customers ranging from Fortune 500 enterprises to large military organizations, three leading experts thoroughly review each SOC model, including virtual SOCs. You’ll learn how to select the right strategic option for your organization, and then plan and execute the strategy you’ve chosen.


Security Operations Center walks you through every phase required to establish and run an effective SOC, including all significant people, process, and technology capabilities. The authors assess SOC technologies, strategy, infrastructure, governance, planning, implementation, and more. They take a holistic approach considering various commercial and open-source tools found in modern SOCs.


This best-practice guide is written for anybody interested in learning how to develop, manage, or improve a SOC. A background in network security, management, and operations will be helpful but is not required. It is also an indispensable resource for anyone preparing for the Cisco SCYBER exam.

 

  • Review high-level issues, such as vulnerability and risk management, threat intelligence, digital investigation, and data collection/analysis
  • Understand the technical components of a modern SOC
  • Assess the current state of your SOC and identify areas of improvement
  • Plan SOC strategy, mission, functions, and services
  • Design and build out SOC infrastructure, from facilities and networks to systems, storage, and physical security
  • Collect and successfully analyze security data
  • Establish an effective vulnerability management practice
  • Organize incident response teams and measure their performance
  • Define an optimal governance and staffing model
  • Develop a practical SOC handbook that people can actually use
  • Prepare SOC to go live, with comprehensive transition plans
  • React quickly and collaboratively to security incidents
  • Implement best practice security operations, including continuous enhancement and improvement

  
