Given the increase in sophisticated attacks, CISOs are constantly working toward developing detection, response and recovery capabilities, while prevention tops the wish list.
The Security Operations Center has been the foundation for incident detection and response, but its effectiveness is being questioned.
There's a need to move to a next-gen SOC or alternatively termed as CSOC (cybersecurity operations center), which is proactive in detecting threats. This can be done by integrating analytic, hunting and threat intelligence functions with traditional SOC functions of engineering, incident analysis and response.
The session details:
- Necessary ingredients to build a CSOC that helps in proactive monitoring and management capabilities;
- Tools for detection and quick response combined with sound analytics;
- Components of a risk analysis engine and discover patterns.