LDR551: Building and Leading Security Operations Centers | GSOM скачать в хорошем качестве

LDR551: Building and Leading Security Operations Centers | GSOM

In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization's unique risk profile in mind. If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! Walk away with the ability to align your SOC activities with organizational goals. 17 hands-on exercises + Cyber42 interactive leadership simulations. Prevent - Detect - Respond | People - Process - Technology ORGANIZATIONAL BENEFITS Implement strategies for aligning cyber defense to organizational goals Decrease risk profile due to improved security validation tools and techniques Apply methodologies for recruiting, hiring, training, and retaining talented cyber defenders Streamline effective cross-team coordination and collaboration Employ immediate security optimization improvements using current assets Reduce financial spend due to smoother cyber security operations SKILLS LEARNED Construct a strong SOC foundation based on a clear mission, charter, and organizational goals Collect the most important logs and network data Build, train, and empower a diverse team Create playbooks and manage detection use cases Use threat intelligence to focus detection efforts on true priorities Apply threat hunting process and active defense strategies Implement efficient alert triage and investigation workflow Operate effective incident response planning and execution Choose metrics and long-term strategy to improve the SOC Employ team member training, retention, and prevention of burnout Perform SOC assessment through capacity planning, purple team testing, and adversary emulation SYLLABUS SUMMARY Section 1: Critical elements necessary to build your Security Operations Center Section 2: Building a threat model, defensive theory, and mental models Section 3: Threat detection and threat modeling Section 4: The full incident response cycle for operations managers Section 5: Measuring and improving security operations About the Authors: John Hubbard John is a Security Operations Center (SOC) consultant and speaker, a Senior SANS instructor, and the course author of two SANS courses, SEC450: Blue Team Fundamentals - Security Operations and Analysis and LDR551: Building and Leading Security Operations Centers. John also teaches additional SANS Blue Team courses such as SEC511: Continuous Monitoring and Security Operations, and SEC555: SIEM with Tactical Analytics. Through his years of experience as a Lead Cyber Security Analyst and SOC Manager for a major pharmaceutical company with over 100,000 employees and global operations, John has developed real-world, first-hand knowledge of what it takes to defend an organization against advanced cyber-attacks. Read more about John at https://www.sans.org/profiles/john-hu... Mark Orlando Mark Orlando is a SANS Certified Instructor, co-author MGT551: Building and Leading Security Operations Centers, instructor for SEC450: Blue Team Fundamentals: Security Operations and Analysis, and the Co-Founder and CEO of Bionic Cyber. Prior to Bionic, Mark built, assessed, and managed security teams at the Pentagon, the White House, the Department of Energy, and numerous Fortune 500 clients. Mark has presented on security operations and assessment at DefCon's Blue Team Village, the Institute for Applied Network Security (IANS) Forum, BSidesDC, and the RSA Conference and has been quoted in the New York Times, the Washington Post, Forbes, and many other publications. He holds a Bachelor's Degree in Advanced Information Technology from George Mason University and served in the US Marine Corps as an Artillery Non-Commissioned Officer. Read more about Mark at https://www.sans.org/profiles/mark-or... Learn more about SANS Cybersecurity Leadership Curriculum at www.sans.org/cybersercurity-leadership Connect with us on social: LinkedIn - SANS Security Leadership Twitter - @secleadership SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.