Presented at
Kernelcon 2019,
April 5, 2019, 3:40 p.m.
(20 minutes).
There are many ways to organize a Security Operations Center (SOC). Among the most pervasive models is the 3-tier SOC model. This talk explores one organization's journey to transform away from a 3-tier SOC model to a functional SOC model focused on Detection, Monitoring, and Response. Discussion includes reasons for making the change and lessons learned along the way.
Presenters:
-
Kevin Houle
Kevin has a 29 year career spanning the telecom/ISP, CSIRT, security vendor, and enterprise security spaces. He's helped build ISPs, applied research programs, security research teams, threat intelligence capabilities, and security operations centers. In his spare time he enjoys family, woodworking, and boating.
Links:
Similar Presentations: