[English] How SOC Team Works скачать в хорошем качестве

[English] How SOC Team Works

This video provides a detailed overview of the structure and daily operations of a Security Operations Centre (SOC) team within various corporate environments, such as manufacturing, retail, or pharmaceutical companies. What You Will Learn: • SOC Team Structure: Understand how a 10-member team is organised, typically consisting of six L2 analysts and four L1 analysts. • 24/7 Shift Operations: Insight into managing a 24/7 roster with specific morning (07:00–16:00), afternoon (14:00–23:00), and night (21:00–07:00) shifts to ensure constant coverage. • Infrastructure Scale: A look at the typical volume of devices monitored, including roughly 7,000 devices, 200–300 servers, and approximately 80 firewalls. • Incident & Alert Management: Learn about handling roughly 500 monthly alerts, with a focus on high-priority threats such as phishing, SQL injections, and CNC (Command and Control) traffic. • SLAs and Workflows: Detailed breakdown of Service Level Agreements (SLAs) for ticket closure—ranging from 4–5 hours for high-severity issues to three days for low-severity tasks. • Collaboration: How SOC teams use ServiceNow to coordinate with domain teams and the importance of weekly team meetings for operational alignment. This guide is essential for anyone looking to understand the practicalities of working in a SOC, from device inventory management to automated playbooks and incident response #soc #cybersecurity #IncidentResponse #SecurityOperations #Infosec #BlueTeam #NetworkSecurity #CyberSecurityTraining #SLA #Phishing #TechOperations