SOC Resources
some bookmarks
- Sniper Forensics: TA, Chris Pogue & Trustwave SpiderLabs, slides (2010)
- When Threat Intel Met DFIR, Thomas Chopitea & Ronan Mouchoux, live slides, pdf
- RedQueen 10 Strategies, Carson Zimmerman and Mitre, book from Mitre, pdf
- PNSM and TNSM, Richard Bejtlich: books, blog
  - PNSM for basic background, Security Onion, process, and scenarios
  - TNSM for deep background theory and wisdom, FreeBSD tips
- ANSM (Applied NSM) book, Chris Sanders and Jason Smith, the whole book, but especially:
  - 1.7 "Defining the Analyst"
  - 15 "The Analysis Process"
- OST.info School of SOC flowchart, r0x0r skill trees:
  - [CIS Workforce Handbook (info page)](http://www.cisecurity.org/workforce/workplace.cfm)
  - Job roles, training and education tables:
    - OST.info
- David Bianco, "A Simple Hunting Maturity Model", Detect Respond blog, direct link
- NIST SPs, especially:
  - 800-61r2: Computer Security Incident Handling Guide
  - 800-86: Guide to Integrating Forensic Techniques into Incident Response
- DoD 6510 from http://www.jcs.mil/Library/CJCS-Manuals/
- Chris Sanders blog and PhD work, e.g.
  - http://chrissanders.org/2016/10/three-useful-soc-dashboards/
- FIXME link 10 SIEM dashboards slides
Written on November 18, 2015