Cloud Security Podcast by Google

EP78 Classic SOC Meets Cloud: What Changes? What Stays the Same?

Aug 8, 2022
ADVICE

Adapting Legacy SOC to Cloud

  • Consider the people, process, and technology (PPT) framework when adapting a legacy SOC to the cloud.
  • Evaluate each phase of your existing process (data collection, detection, triage, investigation, response) and identify necessary cloud adaptations for your people and technologies.
INSIGHT

Cloud Detection Focus

  • Focus on detecting techniques (as opposed to the ever-changing procedures) in the cloud.
  • The core security use cases (external attacks, insider threats) and attacker techniques (e.g., credential misuse for persistence) remain similar between on-prem and cloud environments.
INSIGHT

Cloud vs. Data Center Differences

  • While broad use cases and the importance of identity remain similar, cloud environments introduce unique technological differences (containers, serverless).
  • Consider the supply chain, dependencies, and leaky bucket situations specific to cloud environments.