Security Operation - Series - Part 1

What is security operations?


Credit goes to https://www.youtube.com/@AdventTechAcademy 

Hello All

In this series, we are going to cover security operations, which covers Azure and M365 security: Defender for Cloud and Defender for Endpoint. These are called security operations.

All endpoints are connected to the internet nowadays.

Endpoints are mobiles, laptops, desktops, Azure servers, databases, etc.

Nowadays we can work from anywhere in the world, for example from a mobile, while travelling, or from home, so all the devices are connected to the internet frequently.

The internet has many threats, such as security threats and cyber threats, for example: malware, web application attacks, phishing emails, spam, DDoS, identity threats, ransomware, data breaches...



Security Operation Center (SOC / GSOC)

The SOC team protects all corporate networks from cyber threats. This team has a set of professionals with different expertise (server support, cloud engineer, email support, etc.).
This team is responsible for resolving any incidents related to security and cyber threats, and for protecting on-premises environments as well.


SOC Team Responsibilities


  • To stop an intrusion
  • Isolate the affected systems
  • Recover the data
  • Threat hunting
  • Vulnerability Management
  • Malware analysis
  • Forensic investigations

Skill Set for SOC Team

SOC teams need to have an array of skills

  • Communication Skills
  • Organisation Skills
  • Detective Mindset
  • Outstanding problem-solving skills
  • Ability to conduct preventive and predictive analysis to help mitigate future threats

The SOC team is a group of cyber security professionals who are responsible for monitoring, analysing, and protecting the organisation from cyber attacks.

See you in part 2 of this series... soon.
