Open-Source Security Operations Center (Soc) - by Alfred Basta & Nadine Basta & Waqar Anwar & Mohammad Ilyas Essar (Hardcover)

About the Book

"The Security Operation Center (SOC) is a centralized function within an organization that uses people, procedures, and technology to prevent, identify, analyze, and respond to cybersecurity incidents while continuously monitoring and improving an organization's security posture. The emergence of sophisticated threats placed a premium on gathering context from several sources. An SOC is a central command post collecting telemetry from across an organization's IT infrastructure, including networks, devices, appliances, and data stores, regardless of where such assets are located. Essentially, the SOC is the point of contact for any events logged within the organization that is being monitored. The SOC must decide how each event will be managed and handled"--

From the Back Cover

A comprehensive and up-to-date exploration of implementing and managing a security operations center in an open-source environment

In Open-Source Security Operations Center (SOC): A Complete Guide to Establishing, Managing, and Maintaining a Modern SOC, a team of veteran cybersecurity practitioners delivers a practical and hands-on discussion of how to set up and operate a security operations center (SOC) in a way that integrates and optimizes existing security procedures. You'll explore how to implement and manage every relevant aspect of cybersecurity, from foundational infrastructure to consumer access points.

In the book, the authors explain why industry standards have become necessary and how they have evolved - and will evolve - to support the growing cybersecurity demands in this space. Readers will also find:

• A modular design that facilitates use in a variety of classrooms and instructional settings
• Detailed discussions of SOC tools used for threat prevention and detection, including vulnerability assessment, behavioral monitoring, and asset discovery
• Hands-on exercises, case studies, and end-of-chapter questions to enable learning and retention

Perfect for cybersecurity practitioners and software engineers working in the industry, Open-Source Security Operations Center (SOC) will also prove invaluable to managers, executives, and directors who seek a better technical understanding of how to secure their networks and products.

About the Author

Alfred Basta, PhD, CCP (CMMC), CISM, CPENT, LPT, OSCP, PMP, CRTO, CHPSE, CRISC, CISA, CGEIT, CASP+, CYSA+, is a professor of mathematics, cryptography, and information security as well as a professional speaker on internet security, networking, and cryptography. He is a member of many associations, including ISACA, ECE, and the Mathematical Association of America. Dr. Basta's other publications include Pen Testing from Contract to Report, Computer Security and Penetration Testing, Mathematics for Information Technology, Linux Operations and Administration, and Database Security. In addition, Dr. Basta is the chair of EC-Council's CPENT Scheme Committee. He has worked as a faculty member and curriculum advisor for programming and cyber security programs at numerous colleges and universities.

Nadine Basta, MSc., CEH, is a professor of computer science, cybersecurity, mathematics, and information technology. Her numerous certifications include CEH, MCSE, MSDBA, CCDP, NCSE, NCTE, and CCA. A security consultant and auditor, she combines strong "in the field" experience with her academic background. She is also the author of Computer Security and Penetration Testing, Mathematics for Information Technology, and Linux Operations and Administration. Nadine has extensive teaching and research experience in computer science and cybersecurity.

Waqar Anwar is a Cybersecurity Curriculum Specialist with over 10 years of experience in the field. He also develops and delivers training to faculty and staff on cybersecurity topics and conducts research on cybersecurity topics. Mr. Anwar is a frequent speaker at industry conferences. He is also a member of several cybersecurity organizations including SysAdmin, Audit, Network and Security SANS, CYBRARY, and Information Systems Security Association International ISSA.

Mohammad Ilyas Essar is a Certified OSCP, CRTO, HTB CPTS, CASP+, PENTEST+, and CEH Master. He is currently employed as a Senior Cybersecurity Analyst in Canada. He is highly passionate and dedicated to the field of cybersecurity. With a solid career background in this domain, he brings five years of progressive experience spanning various domains. Ilyas specializes in Red Teaming, offensive security, and penetration testing, consistently achieving exceptional results. Ilyas is constantly driven to excel in his field, actively participating in Capture The Flag (CTF) competitions, where he dedicates a significant portion of his time to honing his skills as a Pentester and Red Teamer. He is also part of Synack Red Team, where he performs bug bounty hunting.