Blueprint: Build the Best in Cyber Defense

Strategy 3: Build a SOC Structure to Match Your Organizational Needs

May 22, 2023
Chapters
1
Introduction
00:00 • 2min
2
How to Build a SOC Structure to Match Your Organizational Needs
02:28 • 2min
3
How to Organize a SOC Team
04:21 • 4min
4
The Evolution of SOCs
08:32 • 2min
5
The Importance of Context in Reorganized Strategy
11:02 • 2min
6
The Importance of Context in a Large Organization
12:36 • 2min
7
How to Build the Strongest Security Operations Team
14:54 • 3min
8
The Importance of Having a Home for Your SOC
17:35 • 3min
9
How to Structure a SOC
20:12 • 3min
10
The Importance of Time in SOC Engineering
22:50 • 3min
11
The Flaws in Logic
25:26 • 3min
12
The Benefits of Having People With Scripting Skills in Your SOC
28:53 • 2min
13
The Benefits and Drawbacks of a Tier List Model
31:01 • 3min
14
How to Set Up a Tier List Environment for Your Organization
33:51 • 3min
15
How to Leverage Automation in All of This
37:02 • 2min
16
The Problem With Second Edition Alerts
38:40 • 1min
17
Tiered SOCs: How to Avoid Complementary Contracts
40:09 • 2min
18
How to Outsource Your Analysis Force
42:07 • 3min
19
How to Outsource Incident Response to the MSSP
45:22 • 2min
20
How to Be Sure Your MSSP Is Doing What They Think They're Doing
46:54 • 4min
21
How to Make a Decision on How Much Coverage You Need
50:29 • 2min
22
How to Outsource Alert Triage and Investigation for 24 Hours
52:39 • 3min
23
How to Build a SOC Room
56:08 • 3min
24
How to Make Your Analysts Comfortable
58:57 • 2min
25
The Importance of Collaboration in a Physical SOC
01:01:15 • 3min
26
The Importance of Being Near Your Stakeholders
01:04:01 • 2min
27
The Effect of Remote Communication on Onboarding
01:05:38 • 2min
28
The Importance of a SOC Coming Together Physically
01:08:05 • 2min
29
The Importance of Team Cohesion
01:09:51 • 2min
30
The Importance of Human-Human Connection in Incident Response
01:11:35 • 3min