Modern Security Operations Center, The, 1st edition
Published by Addison-Wesley Professional (August 9, 2024) © 2024
- Joseph Muniz
eTextbook
C$72.49
- Available for purchase from all major ebook resellers, including InformIT.com.
- To request a review copy, click on the "Request a Review Copy" button.
C$74.99
- A print text (hardcover or paperback)
- Free shipping
- Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
This is the definitive, vendor-neutral guide to building, maintaining, and operating a modern Security Operations Center (SOC). The authors introduce the SOC as a service provider, and show how to use your SOC to integrate and transform existing security practices, making them far more effective. This book covers:
- How SOCs have evolved, and the key considerations in deploying them today
- Key services SOCs can deliver, including organizational risk management, threat modeling, vulnerability assessment, incident response, investigation, forensics, and compliance
- People and process issues, including training, career development, job rotation, and hiring
- Centralizing and managing security data more effectively
- Threat intelligence and threat hunting
- Incident response, recovery, and vulnerability management
- Using data orchestration and playbooks to automate and control the response to any situation
- Advanced tools, including SIEM 2.0
- The future of SOCs, including AI-Assisted SOCs, machine learning, and training models
- All you need to know to effectively provide comprehensive security services through a modern SOC -- whether you are a manager, security professional, or network professional
- Covers the technical, people, process, and compliance issues required to make an SOC effective -- no matter whose technology you are using
- Includes full chapters on data centralization, data orchestration, threat intelligence, threat hunting, and many other key topics
- By three internationally renowned security, SOC, and networking experts
Preface
Chapter 1: Introducing Security Operations and the SOC
Introducing the SOC
Factors Leading to a Dysfunctional SOC
Cyberthreats
Investing in Security
The Impact of a Breach
Establishing a Baseline
   The Impact of Change
Fundamental Security Capabilities
   Signature Detection
   Behavior Detection
   Anomaly Detection
   Best of Breed vs. Defense in Depth
Standards, Guidelines, and Frameworks
   NIST Cybersecurity Framework
   ISO 3100:2018
   FIRST Service Frameworks
   Applying Frameworks
Industry Threat Models
   The Cyber Kill Chain Model
   The Diamond Model
   MITRE ATT&CK Model
   Choosing a Threat Model
Vulnerabilities and Risk
   Endless Vulnerabilities
Business Challenges
In-House vs. Outsourcing
   Services Advantages
   Services Disadvantages
   Hybrid Services
SOC Services
SOC Maturity Models
   SOC Maturity Assessment
   SOC Program Maturity
SOC Goals Assessment
   Defining Goals
   SOC Goals Ranking
   Threats Ranking
   SOC Goals Assessment Summarized
SOC Capabilities Assessment
   Capability Maps
   SOC Capabilities Gaps Analysis
   Capability Map Next Steps
SOC Development Milestones
Summary
References
Chapter 2: Developing a Security Operations Center
Mission Statement and Scope Statement
   Developing Mission and Scope Statements
   SOC Scope Statement
Developing a SOC
SOC Procedures
   Designing Procedures
Security Tools
   Evaluating Vulnerabilities
   Preventive Technologies
   Detection Technologies
   Mobile Device Security Concerns
Planning a SOC
   Capacity Planning
   Developing a Capacity Plan
Designing a SOC Facility
   Physical SOC vs. Virtual SOC
   SOC Location
   SOC Interior
   SOC Rooms
   SOC Computer Rooms
   SOC Layouts
Network Considerations
   Segmentation
   Logical Segmentation
   Choosing Segmentation
   Client/Server Segmentation
   Active Directory Segmentation
   Throughput
   Connectivity and Redundancy
Disaster Recovery
Security Considerations
   Policy and Compliance
   Network Access Control
   Encryption
Internal Security Tools
   Intrusion Detection and Prevention
   Network Flow and Capturing Packets
   Change Management
   Host Systems
Guidelines and Recommendations for Securing Your SOC Network
   Tool Collaboration
SOC Tools
   Reporting and Dashboards
   Throughput and Storage
   Centralized Data Management
Summary
References
Chapter 3: SOC Services
Fundamental SOC Services
   SOC Challenges
The Three Pillars of Foundational SOC Support Services
   Pillar 1: Work Environment
   Pillar 2: People
   Pillar 3: Technology
   Evaluating the Three Pillars of Foundational SOC Support Services
SOC Service Areas
   FIRST's CSIRT
   Developing SOC Service Areas
   In-House Services vs. External Services
   Contracted vs. Employee Job Roles
SOC Service Job Goals
   Resource Planning
Service Maturity: If You Build It, They Will Come
SOC Service 1: Risk Management
   Four Responses to Risk
   Reducing Risk
   Addressing Risk
SOC Service 2: Vulnerability Management
   Vulnerability Management Best Practice
   Vulnerability Scanning Tools
   Penetration Testing
SOC Service 3: Compliance
   Meeting Compliance with Audits
SOC Service 4: Incident Management
   NIST Special Publication 800-61 Revision 2
   Incident Response Planning
   Incident Impact
   Playbooks
SOC Service 5: Analysis
   Static Analysis
   Dynamic Analysis
SOC Service 6: Digital Forensics
SOC Service 7: Situational and Security Awareness
   User Training
SOC Service 8: Research and Development
Summary
References
Chapter 4: People and Process
Career vs. Job
Developing Job Roles
   General Schedule Pay Scale
   IT Industry Job Roles
   Common IT Job Roles
SOC Job Roles
   Security Analyst
   Penetration Tester
   Assessment Officer
   Incident Responder
   Systems Analyst
   Security Administrator
   Security Engineer
   Security Trainer
   Security Architect
   Cryptographer/Cryptologist
   Forensic Engineer
   Chief Information Security Officer
NICE Cybersecurity Workforce Framework
   Nice Framework Components
Role Tiers
SOC Services and Associated Job Roles
   Risk Management Service
   Vulnerability Management Service
   Incident Management Service
   Analysis Service
   Compliance Service
   Digital Forensics Service
   Situational and Security Awareness Service
   Research and Development Service
Soft Skills
   Evaluating Soft Skills
   SOC Soft Skills
Security Clearance Requirements
Pre-Interviewing
Interviewing
   Interview Prompter
   Post Interview
Onboarding Employees
   Onboarding Requirements
Managing People
Job Retention
Training
   Training Methods
Certifications
Company Culture
Summary
References
Chapter 5: Centralizing Data
Data in the SOC
   Strategic and Tactical Data
   Data Structure
   Data Types
   Data Context
Data-Focused Assessment
   Data Assessment Example: Antivirus
   Threat Mapping Data
   Applying Data Assessments to SOC Services
Logs
   Log Types
   Log Formats
Security Information and Event Management
   SIEM Data Processing
   Data Correlation
   Data Enrichment
   SIEM Solution Planning
   SIEM Tuning
Troubleshooting SIEM Logging
   SIEM Troubleshooting Part 1: Data Input
   SIEM Troubleshooting Part 2: Data Processing and Validation
   SIEM Troubleshooting Examples
   Additional SIEM Features
APIs
   Leveraging APIs
   API Architectures
   API Examples
Big Data
   Hadoop
   Big Data Threat Feeds
Machine Learning
   Machine Learning in Cybersecurity
   Artificial Intelligence
   Machine Learning Models
Summary
References
Chapter 6: Reducing Risk and Exceeding Compliance
Why Exceeding Compliance
Policies
   Policy Overview
   Policy Purpose
   Policy Scope
   Policy Statement
   Policy Compliance
   Related Standards, Policies, Guidelines, and Processes
   Definitions and Terms
   History
Launching a New Policy
   Steps for Launching a New Policy
Policy Enforcement
   Certification and Accreditation
Procedures
   Procedure Document
Tabletop Exercise
   Tabletop Exercise Options
   Tabletop Exercise Execution
   Tabletop Exercise Format
   Tabletop Exercise Template Example
Standards, Guidelines, and Frameworks
   NIST Cybersecurity Framework
   ISO/IEC 27005
   CIS Controls
   ISACA COBIT 2019
   FIRST CSIRT Services Framework
   Exceeding Compliance
Audits
   Audit Example
   Internal Audits
   External Auditors
   Audit Tools
Assessments
   Assessment Types
   Assessment Results
   Assessment Template
   Vulnerability Scanners
   Assessment Program Weaknesses
Penetration Test
   NIST Special Publication 800-115
   Additional NIST SP 800-115 Guidance
   Penetration Testing Types
   Penetration Testing Planning
Industry Compliance
   Compliance Requirements
Summary
References
Chapter 7: Threat Intelligence
Threat Intelligence Overview
   Threat Data
Threat Intelligence Categories
   Strategic Threat Intelligence
   Tactical Threat Intelligence
   Operational Threat Intelligence
   Technical Threat Intelligence
Threat Intelligence Context
   Threat Context
Evaluating Threat Intelligence
   Threat Intelligence Checklist
   Content Quality
   Testing Threat Intelligence
Planning a Threat Intelligence Project
   Data Expectations for Strategic Threat Intelligence
   Data Expectations for Tactical Threat Intelligence
   Data Expectations for Operational Threat Intelligence
   Data Expectations for Technical Threat Intelligence
Collecting and Processing Intelligence
   Processing Nontechnical Data
   Operational Data and Web Processing
   Technical Processing
   Technical Threat Intelligence Resources
Actionable Intelligence
   Security Tools and Threat Intelligence
Feedback
Summary
References
Chapter 8: Threat Hunting and Incident Response
Security Incidents
Incident Response Lifecycle
Phase 1: Preparation
   Assigning Tasks with Playbooks
   Communication
   Third-Party Interaction
   Law Enforcement
   Law Enforcement Risk
   Ticketing Systems
   Other Incident Response Planning Templates
   Phase 1: Preparation Summary
Phase 2: Detection and Analysis
   Incident Detection
   Core Security Capabilities
   Threat Analysis
   Detecting Malware Behavior
   Infected Systems
   Analyzing Artifacts
   Identifying Artifact Types
   Packing Files
   Basic Static Analysis
   Advanced Static Analysis
   Dynamic Analysis
   Phase 2: Detection and Analysis Summary
Phase 3: Containment, Eradication, and Recovery
   Containment
   Responding to Malware
   Threat Hunting Techniques
   Eradicate
   Recovery
Digital Forensics
   Digital Forensic Process
   First Responder
   Chain of Custody
   Working with Evidence
   Duplicating Evidence
   Hashes
   Forensic Static Analysis
   Recovering Data
   Forensic Dynamic Analysis
   Digital Forensics Summary
   Phase 3: Containment, Eradication, and Recovery Summary
Phase 4: Post-Incident Activity
   Post-Incident Response Process
   Phase 4: Post-Incident Response Summary
Incident Response Guidelines
   FIRST Services Frameworks
Summary
References
Chapter 9: Vulnerability Management
Vulnerability Management
   Phase 1: Asset Inventory
   Phase 2: Information Management
   Phase 3: Risk Assessment
   Phase 4: Vulnerability Assessment
   Phase 5: Report and Remediate
   Phase 6: Respond and Repeat
Measuring Vulnerabilities
   Common Vulnerabilities and Exposures
   Common Vulnerability Scoring System
   CVSS Standards
Vulnerability Technology
   Vulnerability Scanners
   Currency and Coverage
   Tuning Vulnerability Scanners
   Exploitation Tools
   Asset Management and Compliance Tools
   Network Scanners and Network Access Control
   Threat Detection Tools
Vulnerability Management Service
   Scanning Services
   Vulnerability Management Service Roles
   Vulnerability Evaluation Procedures
Vulnerability Response
   Vulnerability Accuracy
   Responding to Vulnerabilities
   Cyber Insurance
   Patching Systems
   Residual Risk
   Remediation Approval
   Reporting
   Exceptions
Vulnerability Management Process Summarized
Summary
References
Chapter 10: Data Orchestration
Introduction to Data Orchestration
   Comparing SIEM and SOAR
   The Rise of XDR
Security Orchestration, Automation, and Response
   SOAR Example: Phantom
Endpoint Detection and Response
   EDR Example: CrowdStrike
Playbooks
   Playbook Components
   Constructing Playbooks
   Incident Response Consortium
   Playbook Examples: Malware Outbreak
Automation
   Automating Playbooks
   Common Targets for Automation
   Automation Pitfalls
   Playbook Workflow
DevOps Programming
   Data Management
   Text-File Formats
   Common Data Formats
   Data Modeling
DevOps Tools
   DevOps Targets
   Manual DevOps
   Automated DevOps
   DevOps Lab Using Ansible
   Ansible Playbooks
Blueprinting with Osquery
   Running Osquery
Network Programmability
   Learning NetDevOps
   APIs
   NetDevOps Example
Cloud Programmability
   Orchestration in the Cloud
   Amazon DevOps
   SaaS DevOps
Summary
References
Chapter 11: Future of the SOC
All Eyes on SD-WAN and SASE
   VoIP Adoption As Prologue to SD-WAN Adoption
   Introduction of SD-WAN
   Challenges with the Traditional WAN
   SD-WAN to the Rescue
   SASE Solves SD-WAN Problems
   SASE Defined
   Future of SASE
IT Services Provided by the SOC
   IT Operations Defined
   Hacking IT Services
   IT Services Evolving
   Future of IT Services
Future of Training
   Training Challenges
   Training Today
   Case Study: Training I Use Today
   Free Training
   Gamifying Learning
   On-Demand and Personalized Learning
   Future of Training
Full Automation with Machine Learning
   Machine Learning
   Machine Learning Hurdles
   Machine Learning Applied
   Training Machine Learning
   Future of Machine Learning
Future of Your SOC: Bringing It All Together
   Your Future Facilities and Capabilities
   Group Tags
   Your Future SOC Staff
   Audits, Assessments, and Penetration Testing
   Future Impact to Your Services
   Hunting for Tomorrow's Threats
Summary
References
9780135619858 TOC 3/24/2021
Joseph Muniz is an architect and security researcher in the Cisco Security Sales and Engineering Organization. He is driven by making the world a safer place through education and adversary research. Joseph has extensive experience in designing security solutions and architectures as a trusted advisor for top Fortune 500 corporations and the U.S. government.
Joseph is a researcher and industry thought leader. He speaks regularly at international conferences, writes for technical magazines, and is involved with developing training for various industry certifications. He invented the fictitious character of Emily Williams to create awareness around social engineering. Joseph runs The Security Blogger website, a popular resource for security and product implementation. He is the author and contributor of several publications including titles ranging from security best practices to exploitation tactics.
When Joseph is not using technology, you can find him on the fútbol (soccer) field or raising the next generation of hackers, also known as his children. Follow Joseph at https://www.thesecurityblogger.com and @SecureBlogger