Security Operations Center

The document outlines key components of a Security Operations Center, including data loss prevention, unified threat management, and secure access service edge. It discusses various technologies such as SIEM, SOAR, and Cortex solutions for endpoint protection, threat intelligence, and IoT security. Additionally, it highlights the importance of integrating security functions and utilizing advanced analytics for effective security operations.

Uploaded by

darshilvijay6371

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

1 views

Security Operations Center

Uploaded by

darshilvijay6371

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 22

Security Operations Center

Fundamentals
Data loss prevention

Inspect and prevent sensitive data from leaving a network such as:
▪ Personally identifiable information (PII)
▪ Classified materials
▪ Intellectual property, trade secrets, proprietary information
Unified threat management

An appliance that combines multiple security functions such as:

▪ Anti-malware
▪ Anti-spam
▪ Content filtering
▪ Data loss prevention
▪ Firewall (stateful inspection)
▪ IDS/IPS
▪ VPN
Secure access service edge
A unified, cloud-delivered solution that converges networking and security services

• Networking
▪ Software-defined wide-area network (SD-WAN)
▪ Virtual private network (VPN)
▪ Zero Trust network access (ZTNA)
▪ Quality of service (QoS)
• Security
▪ Firewall as a service (FWaaS)
▪ Domain Name System (DNS) security
▪ Threat prevention
▪ Secure web gateway (SWG)
▪ Data loss prevention (DLP)
▪ Cloud access security broker (CASB)
SIEM - Security information and event management

• Collects information generated by various network devices and applications

• Provides:
▪ Real-time monitoring
▪ Event correlation
▪ Analysis
▪ Notification of security alerts
SOAR - Security Orchestration, Automation, and Response

• Playbooks
• Integrations
Secure the Future (Cortex)

Endpoint protection (Cortex XDR)

Cortex XSOAR

Cortex Data Lake

Threat intelligence (AutoFocus)

IoT security (Zingbox)

Secure the Future (Cortex)
Struggles of a security analyst
Endpoint protection (Cortex XDR)
Malicious files vs. exploits
Endpoint protection (Cortex XDR)
Cortex XDR uses multiple technologies & techniques to protect endpoints from known & unknown malware
Endpoint protection (Cortex XDR)
Behavioral threat protection with Cortex XDR
Endpoint protection (Cortex XDR)
Cortex XDR focuses on exploit techniques rather than on the exploits themselves
Endpoint protection (Cortex XDR)
Cortex XDR: Investigate and respond to attacks
Endpoint protection (Cortex XDR)
The Cortex XDR dashboard
Endpoint protection (Cortex XDR)
Native integration with network, endpoint, and cloud apps as well as WildFire threat intelligence
Endpoint protection (Cortex XDR)
Cortex XDR speeds alert triage and incident response
Cortex XSOAR
Cortex XSOAR ingests alerts and IoCs from multiple sources and executes playbooks to respond to incidents
Cortex Data Lake

• Elastic cloud-based service provides on-demand compute and storage scalability

• Automatically collects, integrates, and normalizes data across security

infrastructure

• Unified data enables advanced AI and machine learning to radically simplify

security operations with apps built on Cortex

• Strict privacy and security controls prevent unauthorized access

Threat intelligence (AutoFocus)
Palo Alto Networks AutoFocus Threat Intelligence Cloud
Threat intelligence (AutoFocus)
Key capabilities

• Priority alerts and tags

• Threat correlation

• Actionable intelligence

• Threat indicator sharing (MineMeld)

Threat intelligence (AutoFocus)
MineMeld aggregates and correlates threat intelligence feeds
IoT security (Zingbox)

• Zingbox IoT Guardian automates orchestration of IoT lifecycle (security,

management, and optimization

• Unique IoT personality-based approach to secure and manage IoT devices with
integrated IoT security based on machine learning

• Automate threat detection and response from a single system

Discord Token
No ratings yet
Discord Token
7 pages
Microsoft Defender XDR Markus Lintuala
No ratings yet
Microsoft Defender XDR Markus Lintuala
44 pages
Encryption and Hashing: Presented by Fatma HAMOUDA
No ratings yet
Encryption and Hashing: Presented by Fatma HAMOUDA
18 pages
Fortixdr
No ratings yet
Fortixdr
9 pages
10-22 OT-SolutionBrief v4
No ratings yet
10-22 OT-SolutionBrief v4
3 pages
Basic Termilogies in Ict 1
No ratings yet
Basic Termilogies in Ict 1
33 pages
HP ArcSight SmartConnectors Supported Products Aug 2014 PDF
No ratings yet
HP ArcSight SmartConnectors Supported Products Aug 2014 PDF
8 pages
Infoblox ActiveTrust Datasheet
No ratings yet
Infoblox ActiveTrust Datasheet
4 pages
CipherTrust Data Security Platform Ds
No ratings yet
CipherTrust Data Security Platform Ds
22 pages
Data Security
No ratings yet
Data Security
67 pages
Cortex XDR: Safeguard Your Entire Organization With The Industry's First Extended Detection and Response Platform
No ratings yet
Cortex XDR: Safeguard Your Entire Organization With The Industry's First Extended Detection and Response Platform
7 pages
Information Security Management Security Devices
No ratings yet
Information Security Management Security Devices
10 pages
CISSP Session 03
No ratings yet
CISSP Session 03
85 pages
RocketCyber Managed SOC Product Brief (2) (3)
No ratings yet
RocketCyber Managed SOC Product Brief (2) (3)
2 pages
Fortiedr
No ratings yet
Fortiedr
10 pages
Fortiedr
No ratings yet
Fortiedr
10 pages
Elbit Systems: Cyber Defense
No ratings yet
Elbit Systems: Cyber Defense
23 pages
CyOps - v3 - Chap10
No ratings yet
CyOps - v3 - Chap10
57 pages
Kaspersky Next EDR Optimum Feature List 0824 EN
No ratings yet
Kaspersky Next EDR Optimum Feature List 0824 EN
15 pages
Fortiedr
No ratings yet
Fortiedr
10 pages
SECPDS - 013 - EN 1804 NETSCOUT Arbor Edge Defense - 0 PDF
No ratings yet
SECPDS - 013 - EN 1804 NETSCOUT Arbor Edge Defense - 0 PDF
4 pages
PROTECT Entervevvézprise Brochure
No ratings yet
PROTECT Entervevvézprise Brochure
6 pages
Cybersecurity ABCDv7.01 Public
No ratings yet
Cybersecurity ABCDv7.01 Public
26 pages
Security 4CS
No ratings yet
Security 4CS
6 pages
Fidelis-network-detection-and-response-datasheet
No ratings yet
Fidelis-network-detection-and-response-datasheet
2 pages
Security Issues in Networks With Internet Access: Presented by Sri Vallabh Aida Janciragic Sashidhar Reddy
No ratings yet
Security Issues in Networks With Internet Access: Presented by Sri Vallabh Aida Janciragic Sashidhar Reddy
37 pages
Cyber Security Shipra
No ratings yet
Cyber Security Shipra
10 pages
Fortixdr ™: Fully Automated Incident Identification, Investigation, and Remediation
No ratings yet
Fortixdr ™: Fully Automated Incident Identification, Investigation, and Remediation
5 pages
XDR Infographic Final - 030322
No ratings yet
XDR Infographic Final - 030322
1 page
5.0 Network Architecture
No ratings yet
5.0 Network Architecture
273 pages
Roman Power Works Cyber Security
No ratings yet
Roman Power Works Cyber Security
3 pages
Network Security
No ratings yet
Network Security
4 pages
Vision One – Endpoint Security, Datasheet
No ratings yet
Vision One – Endpoint Security, Datasheet
3 pages
Resume_KVSK_1
No ratings yet
Resume_KVSK_1
3 pages
Part Two of Secure Coding
No ratings yet
Part Two of Secure Coding
6 pages
Final Cortex XDR Ds
No ratings yet
Final Cortex XDR Ds
4 pages
SOC Building1
100% (1)
SOC Building1
36 pages
Data Security Powerpoint
No ratings yet
Data Security Powerpoint
25 pages
Vision One - Endpoint Security - Datasheet
No ratings yet
Vision One - Endpoint Security - Datasheet
3 pages
ESET B2B Solutions Overview1
No ratings yet
ESET B2B Solutions Overview1
12 pages
Monitoring and Diagnosing Networks: Dr. Jasim Saeed
No ratings yet
Monitoring and Diagnosing Networks: Dr. Jasim Saeed
11 pages
unit 2
No ratings yet
unit 2
31 pages
CySA+ Cheat Sheet
No ratings yet
CySA+ Cheat Sheet
12 pages
Cortex Data Lake
No ratings yet
Cortex Data Lake
3 pages
Network Security
No ratings yet
Network Security
21 pages
Introduction to Computer System Infrastructure.pptx
No ratings yet
Introduction to Computer System Infrastructure.pptx
37 pages
Data Security in Cloud Computing
No ratings yet
Data Security in Cloud Computing
13 pages
Tech NTPL
No ratings yet
Tech NTPL
4 pages
Professional_Network_Security_PPT (1)
No ratings yet
Professional_Network_Security_PPT (1)
31 pages
SOC Tools
No ratings yet
SOC Tools
6 pages
Zscaler Internet Access
No ratings yet
Zscaler Internet Access
8 pages
Aerissecurityv 721663682410091
No ratings yet
Aerissecurityv 721663682410091
6 pages
Datasheet Trend Micro Apex One
No ratings yet
Datasheet Trend Micro Apex One
3 pages
Zscaler Internet Access
No ratings yet
Zscaler Internet Access
9 pages
Infoblox Ecosystem - Solution Note
No ratings yet
Infoblox Ecosystem - Solution Note
5 pages
Five Emerging Defenses Webinar v10 - 979050
No ratings yet
Five Emerging Defenses Webinar v10 - 979050
32 pages
Intrusion Detection System
No ratings yet
Intrusion Detection System
23 pages
CN&CS_UNIT_-_4[1] (1)
No ratings yet
CN&CS_UNIT_-_4[1] (1)
19 pages
cyber security(Cloud Security )-6
No ratings yet
cyber security(Cloud Security )-6
8 pages
Microsoft Certified: Azure Security Engineer Associate
No ratings yet
Microsoft Certified: Azure Security Engineer Associate
67 pages
Cortex XDR
No ratings yet
Cortex XDR
9 pages
Practical Internet of Things Security
From Everand
Practical Internet of Things Security
Drew Van Duren
No ratings yet
Normal distribution-1-13
No ratings yet
Normal distribution-1-13
13 pages
ppt 8 & 9
No ratings yet
ppt 8 & 9
32 pages
Lecture 10
No ratings yet
Lecture 10
21 pages
NIDS_ppt
No ratings yet
NIDS_ppt
8 pages
Information Security
No ratings yet
Information Security
9 pages
Pradeep-Security Analyst
No ratings yet
Pradeep-Security Analyst
4 pages
The Role of Blockchain Technology in Enhancing Cybersecurity
No ratings yet
The Role of Blockchain Technology in Enhancing Cybersecurity
2 pages
111-Lab-4
No ratings yet
111-Lab-4
2 pages
3-Design Primitives of Blockchain
No ratings yet
3-Design Primitives of Blockchain
13 pages
Lecture 2-2
No ratings yet
Lecture 2-2
17 pages
Kerberos Seminar Report
100% (2)
Kerberos Seminar Report
29 pages
Security-040330-cryptography
No ratings yet
Security-040330-cryptography
62 pages
20 Protocols
No ratings yet
20 Protocols
5 pages
Charismathics Smart Security Interface: Manual
No ratings yet
Charismathics Smart Security Interface: Manual
58 pages
Aadhar Card - Converted Lalan
No ratings yet
Aadhar Card - Converted Lalan
1 page
MTV
100% (1)
MTV
3 pages
Keccak Slides at NIST
No ratings yet
Keccak Slides at NIST
71 pages
TAFC - Time and Attribute Factors Combined Access Control For Time-Sensitive Data in Public Cloud
No ratings yet
TAFC - Time and Attribute Factors Combined Access Control For Time-Sensitive Data in Public Cloud
14 pages
Ocsa - Offenso Certified Security Analyst-2
No ratings yet
Ocsa - Offenso Certified Security Analyst-2
11 pages
mcq threat modeling
No ratings yet
mcq threat modeling
15 pages
Blockchain-based System for E-Voting Using Blind Signature Protocol
No ratings yet
Blockchain-based System for E-Voting Using Blind Signature Protocol
6 pages
WWW Techtarget Com Searchsecurity Definition DMZ
No ratings yet
WWW Techtarget Com Searchsecurity Definition DMZ
6 pages
Ch06 (Malicious Software)
No ratings yet
Ch06 (Malicious Software)
29 pages
Third-Party-Security-Guideline-EN
No ratings yet
Third-Party-Security-Guideline-EN
9 pages
Lab #6: Define A Remote Access Policy To Support Remote Healthcare Clinics
No ratings yet
Lab #6: Define A Remote Access Policy To Support Remote Healthcare Clinics
6 pages
6 - Key Management and Distribution-Final-ok
No ratings yet
6 - Key Management and Distribution-Final-ok
38 pages
Question Bank Data Security Module I II III
No ratings yet
Question Bank Data Security Module I II III
5 pages
Assignment-I NS-17EC742
No ratings yet
Assignment-I NS-17EC742
2 pages
How To Use Snort in Kali
No ratings yet
How To Use Snort in Kali
9 pages
Web Security Unit 6 Notes PDF
No ratings yet
Web Security Unit 6 Notes PDF
24 pages
ADS Chapter 6 Database Security & Authorization
No ratings yet
ADS Chapter 6 Database Security & Authorization
43 pages
Wi-Fi Protected Access
No ratings yet
Wi-Fi Protected Access
12 pages