For October Cybersecurity Consciousness month, Cisco and NetWitness launched the Safety Operations Middle (SOC) Findings Report from RSA Convention (RSAC) 2024.
Since 2017, the SOC has been an academic exhibit at RSAC. The aim is to watch the community exercise in the course of the occasion and supply SOC excursions and a session in the course of the convention. From the excursions and session — and this Findings Report printed by sponsors Cisco and NetWitness — you may find out about what occurs on an open, unsecured wi-fi community. The community infrastructure at RSAC is managed by the Moscone Middle. You’ll be able to watch the replay of the 2024 session.
The know-how stack within the SOC at RSAC continues to evolve. In 2024, we deployed the NetWitness platform, together with NetWitness® Community, NetWitness® Logs and NetWitness® Orchestrator. We additionally utilized Safe Firewall and the Cisco Safety Cloud (Cisco Breach Safety Suite, Person Safety Suite and Cloud Safety Suite).
Incidents underneath in investigation have been correlated with menace intelligence, supplied by Cisco Talos, and licenses supplied by alphaMountain, IBM X-Power Trade, Pulsedive and Recorded Future, and group sources.
For the primary time within the SOC, Splunk Enterprise Safety was used as a Safety Incident and Occasion Administration (SIEM) platform. A number of integrations have been enabled, together with NetWitness NDR, Cisco Firewall logs and enrichment with Recorded Future, for investigations with Cisco XDR.
The Findings Report contains sections about:
Know-how used within the SOC at RSA ConferenceThe Knowledge, by NetWitnessIntegration and Risk HuntingMalware AnalysisSecurity Incident and Occasion ManagementIntrusion DetectionSecurity CloudConclusion
You may as well try the weblog Operationalizing our customized “SOC in a Field” on the RSA Convention 2024, to be taught extra in regards to the SOC {hardware} and topology.
Obtain the Safety Operations Middle Findings Report from RSA Convention 2024. You may as well view the 2023 report. We stay up for seeing you in late April 2025!
Acknowledgements: Our appreciation to those that made the SOC at RSAC attainable. Please see the Report for the engineering roles, thanks.
We’d love to listen to what you suppose. Ask a Query, Remark Under, and Keep Related with Cisco Safe on social!
Cisco Safety Social Channels
InstagramFacebookTwitterLinkedIn
Share: