For October Cybersecurity Consciousness month, Cisco and NetWitness launched the RSA Convention (RSAC) 2024 Safety Operations Heart (SOC) Findings Report.
Since 2017, the SOC has been an academic exhibit at RSAC. The aim is to observe community exercise throughout the occasion and supply excursions of the SOC and a session throughout the convention. From the excursions and periods, and this Findings Report printed by sponsors Cisco and NetWitness, you’ll be able to achieve perception into what occurs on an open, unsecured wi-fi community. The community infrastructure at RSAC is managed by the Moscone Heart. You’ll be able to see the repeat session of 2024.
The know-how stack within the RSAC SOC continues to evolve. In 2024, we implement the NetWitness Platformtogether with NetWitness® Community, NetWitness® Logs, and NetWitness® Orchestrator. We additionally use Safe firewall and the Cisco Safety Cloud (Cisco Breach Safety Suite, Consumer Safety Suite and Cloud Safety Suite).
The incidents beneath investigation had been correlated with menace intelligence, supplied by Cisco Talosand licenses supplied by alphamountain, IBM X-Drive Change, pulsed diving and future engravingand group sources.
For the primary time within the SOC, Splunk Enterprise Safety was used as a Safety Incident and Occasion Administration (SIEM) platform. A number of integrations, together with NetWitness NDR, Cisco Firewall logs, and enrichment with Recorded Future, have been enabled for investigations with Cisco XDR.
The Findings Report contains sections on:
- Know-how used within the SOC on the RSA Convention
- The information, by NetWitness
- Integration and menace looking
- Malware evaluation
- Administration of safety incidents and occasions
- Intrusion detection
- Safety cloud
- Conclusion
You too can verify the weblog. Getting our customized “SOC in a Field” up and working on the RSA 2024 Conventionfor extra details about the {hardware} and SOC topology.
Obtain the RSA 2024 Convention Safety Operations Heart Findings Report. You too can see the 2023 report. We hope to see you in finish of April 2025!
Acknowledgments: Our due to those that made the SOC potential at RSAC. Please see the report for engineering roles, thanks.
We might love to listen to what you suppose. Ask a query, remark beneath, and keep related with Cisco Safe on social media.
Cisco Safety Social Channels
Share:
