Security Operations Center (SOC) Explained
ฝัง
- เผยแพร่เมื่อ 1 พ.ค. 2023
- IBM Security QRadar Suite: ibm.biz/Securi...
Security Operations Center (SOC) : ibm.biz/Securi...
If you have a problem in cybersecurity, where do you turn? Modern organizations have a "SOC" or security operations center. Its mission is focused on detection and response; in this video, Jeff "the security guy" Crume explains the people, process, and tools involved. To ground the discussion, Jeff presents three security incidents and explains how they're handled by the SOC.
Get started for free on IBM Cloud → ibm.biz/ibm-cl...
Subscribe to see more videos like this in the future → ibm.biz/subscri...
#AI #Software #Dev #lightboard #IBM #JeffCrume #QRadar #SOC
one of the best video i have seen so far in SOC - easy to understand and follow
I especially like this teacher‘s lecture style, which is easy to understand and gives vivid examples!!! Update more 😮
Thanks so much for the kind complements!
I‘m Chinese and I can’t speak English. I‘m reading your course with automatic translation. 😁
It's a blessing to have a teacher like you sir! Really great concepts, Thankyou!!!!
Excellent delivery
Thank you!
Love it, great explainer ❤ keep up the great work!!
This was excellent, thanks for sharing.
Thank you so much professor
You’re very welcome!
It would be helpful to show how the Incident Response Team (IRT) works with the SOC. Some IRTs have an operational objective of being the Threat Hunters or Pen Tests.
Good idea. I’ll consider that for a future video
Nicely simplified.
Short and sweet
You're leaving Prevention aside.
Is the soc not evaluating and using lists of known bad actors to pre filter their traffic or help automate response in the siem?
Ma man you're the best
You’re very kind to say so!
Thank you
Very good! Thank you
thanks
Can you share your screen and show what do you really mean?
Haven't used a SOAR. Had Cases where T1s are doing T2/T3 and Threat hunters work load is already astounding.
Yet to see how many companies do avail the bare minimum for compliance, that must be a wow.
literally had occurrence where clients are knowledgeable more than the vendor support.
How is burnout outlook for cyb personnel in this industry for the next 10 years?
It surely is sending a fraction of people to switch to red team work and skillset, or go grey. That itself is already a risk to the industry is it not?
Skill personnel shortage, out of scope work, burnout rates. Misconfigured MSP Teams...
Cyber is one of those industries you'd come to love/hate.
I say that cybersecurity is an “acquired taste” and not everyone “acquires” it. But for those who have … 😊
wonderful
Good 👍
Will ai also affect cyber security jobs?
(Can you guys also give me a detailed roadmap of getting into cyber security. I'm a civil engineering graduate trying to get into cyber security.
Pls comment the roadmap from initial position to senior level. Thanks in advance)
Hey Ashfaq, did you get a response from Jeff? I can't see any. Please copy paste if you can. 🙏
If the second question is still relavant, they have a vid "Careers in cybersecurity" that might give you necessary info.
Regarding the first question, my quess is that cybersecurity tasks will always need both creativity and professional "intuition", so ai will be an important tool, but it will never replace human cybersecurity specialists.
The ai itself also need to be secured so I'm not sure 😂
i dont think so. yeah, maybe ai can automatize processes but (at least) humans think problems in more of a unique way, a way that machines do not.
machine for coding, not for thinking, a machine wouldn't save your company if its getting nuke'd prob. on todays world ai can help you a lot but i dont think it will annihilate human SOC (even pententesters) jobs
This is excellent!
Please provide information on IBM NOC service.
I'd love to start a career in CyberSec, are there any IBM certs or apprencitceship or anything that can help me ? Thanks a lot
Please see my previous response to Ashfaq Ahmed
@@jeffcrume thanks Sir
@@jeffcrume I can't find your response to his comment.
👍🏾
Lol, I thought you were gonna explain SOC - System On a Chip 😂
How is he writing in reverse??
This is what I keep on wondering whenever I see his vids 😂
Write on a clear glass film from opposite side and then flip the video 180
3:33 Threat hunting
no need for having seperate levels, its old fasion. no need to have manager role. we need a tech leader with extensive cyber sec knowledge. team management is an old topic which is gone in new modern organisation.
I think it depends on the size of the organization, level of sophistication of the personnel, complexity of the environment and countless other factors
CIRT team leader should be the SOC leader and have the authority to "call" the incident and invoke the team.