In SOC ReLoad, thought leaders and security researchers from leading institutions discussed steps that can be taken to overcome the obstacles in building proactive SOC capabilities and preempting cyber attacks.
Security Operations Center (SOC) work spans multiple tasks, all equally crucial: gaining optimal visibility, looking far and wide across the threat landscape, detecting threats early, and responding fast. SOC teams spread themselves thin and fire-fight constantly while trying to balance complex, resource-intensive initiatives. SOCs find powerful allies in red teamers, who test the efficacy of their detection and response. However, keeping log fidelity, prevention and alerting capabilities sharp against a changing adversarial context remains one of the most pressing challenges that SOC teams face.