SOC It 2 Me

Presented at SAINTCON 2019, Oct. 22, 2019, 2:30 p.m. (60 minutes)

A SOC II attestation is needed for companies offer SaaS. It's a third party letter that says you take care of your infrastructure, your data, your availability, privacy, and that all your ducks are in a row. It's a daunting process, and in all my experiences, the big question is "what is covered?" and "what do we need to do to be ready?" This talk is to pull back the curtain for all the companies that think they might need to have one, and for those that see the audit coming up on the calendar and want to get a head start.

Presenters:

• Sean Jackson - Solutionreach
  Sean has been active in the Utah InfoSec scene for many years. He enjoys CTFs, good food, good friends, and his family, but not in that order. He believes everyone has a place in InfoSec, no matter their color, gender, preferences, or disposition. That last one is the hardest one to be ok with, amiright?

Links:

• https://saintcon2019.sched.com/event/W6TE/soc-it-2-me
• https://infocon.org/cons/SAINTCON/SAINTCON 2019/Sean Jackson - SOC It 2 Me.mp4
• https://infocon.org/cons/SAINTCON/SAINTCON 2019/Sean Jackson - SOC It 2 Me.eng.srt (subtitles)
• https://www.youtube.com/watch?v=PsM-5q3nd68

Similar Presentations:

• NolaCon 2022 / Build your first SOC
• PancakesCon 3 (2022) Virtual / Boring Solutions Are Your Friend – In Infosec And Painting
• DerbyCon 2.0 Reunion (2012) / How to create a one man SOC