Presentation Abstract: Hyper-connectivity is at an all-time high, considering advances in Industry 4.0 coupled with increased remote workload migration in recent days. It’s safe to surmise that security operations have yet to catch up with some innovations that’ve been pushed out the door too fast. A lot of these innovative measures are employed by businesses to essentially save themselves by crafting new services or simply enabling more internet-driven accessibility to handle an already existing service.
This drives the need to increase deployment of what’s arguably the weakest point in many security strategies (at least those I’ve consulted with), which is enacting a Security Operations Center (SOC) to enable insight into existing threats and keep constant measure of the organization’s security posture.
The hard truth is that a lot of orgs cannot afford an expensive SIEM tool or justify onboarding a full-fledged SOC team, yet their relative security is crucial to their operations. All the while, a majority of security compliance standards require “eyes on events & data” measures. This becomes a hindrance for some businesses and organizations, which might begrudgingly make a half-hearted attempt with minimal effort, or might not even know where to start. This is where the introduction to open-source solutions comes in. In this presentation I will cover:
- What is SOC? - Processes, People & Technology
- Open Source - Gathering proper tools to build a SIEM solution purpose-built just for you
- Considerations & Procedures - Tailoring the pieces to fit your use case(s)
- Resilience - Strategizing best practices to keep your SOC up and running through thick and thin