security-operation-center

The Return of the Baby ASO: Why SOCs Still Suck?
“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a cacophony of meaningless noise, lost in the echoing expanse of our ...

A Fair Weather SOC: 5 Signs It’s Time to Panic (and Fix It!)
Do you have a fair-weather friend? Or two? OK, do you also have a fair-weather SOC? This train of thought was inspired by reading pilot forums about how ...

A Brief Guide for Dealing with ‘Humanless SOC’ Idiots
My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous ...

New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)
After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.” As a reminder (and ...

Anton’s Alert Fatigue: The Study
Mention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, ...

Closing the Gaps: How Attack Path Management Improves Vulnerability Management Programs
In conversation: Pete McKernan & Luke Luckett. As organizations seek to wrap their arms around potential cybersecurity exposures, CIOs and CISOs are increasingly pushing their vulnerability management teams to widen scope. With such a ...

Not a SOC FAQ! This is SOC FMD!
Somebody asked me this profound question that (a) I feel needs an answer and that (b) I’ve never answered in the past: If you run a SOC (or an equivalent D&R team), what things ...

Learn Modern SOC and D&R Practices Using Autonomic Security Operations (ASO) Principles
Learn Modern SOC and D&R practices for free from Google! Yes, really! That’s the message. Join *hundreds* of others who already signed up! Now, with full details…. After some ungodly amount of work, the original ...

The Impending SIEM Wars: What Market Consolidation Means for Customers
The cybersecurity landscape is rapidly evolving, and nowhere is this more evident than in the Security Information and Event Management (SIEM) market. This period of transformation, marked by strategic mergers and high-stakes ...

Baby ASO: A Minimal Viable Transformation for Your SOC
One pattern I spotted after looking at the evolution of IT and security organizations over the years, including my time at Gartner, is: change is hard, ...