SOC-Class: Building and Running Security Operations Centres
Radisson Blu Hotel, Riyadh Qurtuba
Al Thumama Road, Riyadh, 11263, Saudi Arabia
- Registration starts at 8am
- Training from 9am to 5pm
- Roadmap (and Gantt chart) for what needs to be done in the organization seeking to implement security operations.
- Proper arrangement of processes, technology, and staff to effectively conduct SOC operations
- Perspective on global trends in security operations from the author of the SOC Survey for the past five years
This course provides a comprehensive picture of a Cyber Security Operations Center (CSOC or SOC). Discussion on the technology needed to run a SOC are handled in a vendor agnostic way. In addition, technology is addressed in a way that attempts to address both minimal budgets as well as budgets with global scope. Staff roles needed are enumerated. Informing and training staff through internal training and information sharing is addressed. The interaction between functional areas and data exchanged is detailed. Processes to coordinate the technology, the SOC staff, and the business are enumerated.
Who should take this course
- Ideally, attendees will be SOC managers, team leads in security specializations or lead technical staff, security architects. CIO, CISO or CSO (Chief Security Officer) is the highest level in the organization appropriate to attend.
- This class is not technical in nature, but someone without knowledge of IT common practices and Information Security fundamentals (such as the Confidentiality, Integrity, and Availability triad) will be lost very quickly.
- This is not a class to send SOC analysts, unless he/she/they aspire to shift to a team lead or SOC manager. Then this course is perfect to provide the appropriate basis and perspective to take that next step.
- Students should bring laptop or tablet for reference and note taking.