Protect Your Assets

Re: Implementing intelligent SecOps capability

alireza ghahrood

This is a good description of a capability model, but several 'Frontier' capabilities may need to move to the left. I don't agree that statistical analysis, IOC identification, or data mining, as listed, should be considered advanced any longer. Companies building a SOC capability for the last five years have been including statistical analysis and data mining in the tool chain and skill sets, IOCs through enrichment. Technology companies have been building it in their software for the last two. We might not consider it frontier if it factors into a Gartner quadrant. Where would we class a response capability here? Where would a hunting mission fit in?

Comments
Jeffrey Pound

I maintain that ArcSight as well as any decently maintained SIEM would/should meet the government "auditing" requirements of any non-fiduciary system with ease, and should be able to easily meet the auditing requirements of a fiduciary system with a simple change of configuration of the auditing details of that system in the SIEM setup.

I have people here in the Government that think that "Auditing" a system can ONLY be accomplished by systems that are specially built for that function and only that function, what say YOU?

