Strategy 2: Give the SOC the Authority to Do Its Job Artwork

Blueprint: Build the Best in Cyber Defense

Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the latest in cyber defense and security operations from blue team leaders and experts. With a focus on learning, BLUEPRINT includes interviews with today’s top security practitioners defending the world’s most respected brands, and in-depth explanations on the newest technologies, protocols, and defensive tools. BLUEPRINT, is a podcast hosted by John Hubbard and brought to you by the SANS Institute. BLUEPRINT - your one-stop shop for taking your defense skills to the next level!

All Episodes

Blueprint: Build the Best in Cyber Defense

Strategy 2: Give the SOC the Authority to Do Its Job

May 15, 2023 • SANS Institute • Season 4 • Episode 2

Click here to send us your ideas and feedback on Blueprint!

Though a SOC is responsible for protecting your organization's assets, it is not the owner of those systems. If the SOC is not established with a clear charter and authority to act, it may quickly become difficult to be effective. Who should the SOC report to, what should be in a SOC charter, and how can we make these tough decisions? Those are the questions covered in this episode of our special "11 Strategies" season. This episode covers chapter 2 of the book - "Give the SOC the Authority to Do Its Job".

This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.

Visit Mitre's page for more information
-----------

Sponsor's Note

Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.
This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.
Check out the details at sansurl.com/450 Hope to see you in class!
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn

Learn more about SANS' SOC courses at sans.org/soc

Connect with John:
- LinkedIn
- Take A Training Course with John

SOC Analyst and Leadership Training Courses:
- SEC450: Blue Team Fundamentals - Security Operations and Analysis
- LDR551: Building and Leading Security Operations Centers

SANS:
- Cyber Defense Course List
- Upcoming Training Events
- Free tools, VMs, cheat sheets and more for cyber defenders

People on this episode

John Hubbard

Host