Название: Open-Source Security Operations Center (SOC): A Complete Guide to Establishing, Managing, and Maintaining a Modern SOC
Автор: Alfred Basta, Nadine Basta, Waqar Anwar, Mohammad Ilyas Essar
Издательство: Wiley
Год: 2025
Страниц: 480
Язык: английский
Формат: pdf, azw3, epub (true), mobi
Размер: 10.1 MB

A comprehensive and up-to-date exploration of implementing and managing a security operations center in an open-source environment.

In Open-Source Security Operations Center (SOC): A Complete Guide to Establishing, Managing, and Maintaining a Modern SOC, a team of veteran cybersecurity practitioners delivers a practical and hands-on discussion of how to set up and operate a security operations center (SOC) in a way that integrates and optimizes existing security procedures. You'll explore how to implement and manage every relevant aspect of cybersecurity, from foundational infrastructure to consumer access points.

In the book, the authors explain why industry standards have become necessary and how they have evolved – and will evolve – to support the growing cybersecurity demands in this space.

SOCs use a variety of tools and technologies, including security information and event management (SIEM) systems, intrusion detection and prevention systems (IDPSs), threat intelligence platforms, and endpoint detection and response (EDR) solutions, to accomplish the objectives they want to achieve. SOC team members utilize these technologies to detect, investigate, and respond to security incidents.

Readers will also find:
• A modular design that facilitates use in a variety of classrooms and instructional settings
• Detailed discussions of SOC tools used for threat prevention and detection, including vulnerability assessment, behavioral monitoring, and asset discovery
• Hands-on exercises, case studies, and end-of-chapter questions to enable learning and retention

Perfect for cybersecurity practitioners and software engineers working in the industry, Open-Source Security Operations Center (SOC) will also prove invaluable to managers, executives, and directors who seek a better technical understanding of how to secure their networks and products.

The book is organized to teach SOC analysis in a systematic and progressive manner. It contains fifteen chapters covering various aspects of SOC operations and analysis. Listed below is a synopsis of the book’s structure:
• Chapter 1 is an introduction to SOC analysis, presenting a preview of the subsequent chapters and the significance of SOC analysis in modern cybersecurity.
• Chapter 2 emphasizes security fundamentals, including fundamental concepts and controls that serve as the foundation for effective SOC operations. Includes an introduction to security fundamentals and networking fundamentals.
• Chapter 3 covers the basic principles of SOCs, including their definition, evolution, and analyst roles and responsibilities. In addition, it examines SOC team structures and hierarchies and emphasizes the essential SOC tools and technologies.
• Chapter 4 addresses security incident response, including the incident response lifecycle, incident handling, and investigation techniques, the role of threat intelligence in incident response, incident response documentation and reporting, and post-incident analysis and lessons learned.
...
• Chapter 15 ends with a discussion of emerging trends and the future of SOC analysis. It examines the evolving threat landscape, the intersection of cloud security and SOC operations, developments in artificial intelligence (AI) and ML, and the future directions for SOC analysis. It provides insights into these topics.








[related-news] [/related-news]