ColaSec

Columbia's Information Security Group

A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the Richland County Public Library on the 3rd Tuesday of every month at 6:00 PM (click on the YouTube bubble).

Founded 2014 (COVID can’t stop us)

Image credit: Zach Pippin
zachpippin.com

Upcoming Presentation: The Anatomy of a Modern Security Monitoring Program

Presenter Name(s): David Burkett

Tell us about you or your group: David is the Security Operations Center (SOC) Manager for the company Corvid Cyberdefense, an MSSP based out of Mooresville NC. David has a background in building SOCs, performing technical assessments as a consultant for other SOCs, and working as a SOAR Architect helping over 3 dozen fortune 500 and major Federal Government agencies create playbooks and automate manual security tasks.

Presentation Synopsis: Does your SOC rely on dashboards, low-fidelity OOTB detection logic, and 3rd party threat intel feeds to detect and alert on activity? If so you are not alone. Through my background of working with various Security Operations Centers, the differences I've seen the large and more tech forward companies doing compared to your more average company are staggering. This isn't due to large budgets and being able to buy the most expensive equipment.

Unfortunately for us as defenders, there isn't a lot of great information out there on what these sort of organizations are doing from a process and procedures perspective as blue teams are commonly hesitant to share what they are doing, and a lot of the "Guide to Building a SOC!" blogs on the internet are written by consultants who have never worked in a SOC.

In this talk, my aim is to bring to light, what a modern security program looks like and ways to help you get there using free and open source tools.

Social Media Links: @signalblur / https://www.linkedin.com/in/david-burkett / https://github.com/david-burkett