WTF does a SOC actually do?


Thursday, September 8, 2022 - 12:00 to 13:00

Event type: 

  • Webinar

Host: Tom Kinnaird, Lead Microsoft Security Engineer | Claranet Cyber Security

The moments following a security alert are some of the most critical in attack detection and response. What takes place during this time window will dictate whether a threat is eradicated fast or left to persist, potentially causing devastating harm to your organisation.

Join Tom, as he demonstrates what really happens inside a CREST-accredited SOC in the first 30 minutes after an alert is received. He’ll use a simulated sophisticated attack walkthrough to show how SOCs use people, process, and technology to detect and respond to threats across the kill chain. By the end of the event, you’ll understand what "effective” triage and escalation look like in a real attack scenario.

What you'll learn:

  • The people, roles, processes, methodologies, systems, tools, and techniques that make up the SOC
  • What an alert actually looks like and how these are triaged
  • How to make the most of the first 30 minutes following an alert
  • The process and value of security data enrichment
  • How threat hunting works and why it's essential to attack detection
  • How a SOC team collaborates to identify threats and protect organisations from harm

This webinar will be most useful to:

  • IT and security managers
  • Security analysts
  • Security engineers
  • Security architects
  • Digital transformation leaders
  • Developers

We hope to see you there. Register to attend today.