{"id":290,"date":"2023-08-18T19:31:23","date_gmt":"2023-08-18T19:31:23","guid":{"rendered":"https:\/\/digisentinel.org\/?page_id=290"},"modified":"2023-08-18T19:31:23","modified_gmt":"2023-08-18T19:31:23","slug":"security-operations","status":"publish","type":"page","link":"https:\/\/digisentinel.org\/index.php\/cyber-security-thoughts\/security-operations\/","title":{"rendered":"Security Operations"},"content":{"rendered":"<ul class=\"wp-block-latest-posts__list has-dates wp-block-latest-posts\"><li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2025\/04\/27\/the-importance-of-metrics-in-a-security-operations-center-soc\/\">The Importance of Metrics in a Security Operations Center (SOC)<\/a><time datetime=\"2025-04-27T09:00:00+00:00\" class=\"wp-block-latest-posts__post-date\">April 27, 2025<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Security Operations Centers (SOCs) thrive on metrics to operate efficiently, benchmark performance, and drive continual improvement. However, one of the most significant challenges many SOCs face is collecting and generating meaningful metrics. Why Are SOC Metrics Crucial? 
Metrics in the SOC serve several critical functions: Proposed Metrics for SOC Performance To enhance cohesion and performance,\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2025\/04\/27\/the-importance-of-metrics-in-a-security-operations-center-soc\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: The Importance of Metrics in a Security Operations Center (SOC)<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2024\/10\/02\/the-path-to-zero-trust-a-comprehensive-security-framework\/\">The Path to Zero Trust: A Comprehensive Security Framework<\/a><time datetime=\"2024-10-02T22:33:35+00:00\" class=\"wp-block-latest-posts__post-date\">October 2, 2024<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Imagine you have a big box of toys, and you only want to share them with your friends. But instead of just trusting anyone who says they are your friend, you check every time they come to play. You ask them, &#8220;Are you really my friend? 
Can you show me your special toy or password?&#8221;\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2024\/10\/02\/the-path-to-zero-trust-a-comprehensive-security-framework\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: The Path to Zero Trust: A Comprehensive Security Framework<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/10\/04\/harnessing-ai-in-cybersecurity-annex-slides\/\">Harnessing AI in Cybersecurity &#8211; Annex Slides<\/a><time datetime=\"2023-10-04T20:28:33+00:00\" class=\"wp-block-latest-posts__post-date\">October 4, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">These additional slides were created as part of one of our classes to complement the class slides I&#8217;ll cover the story below a little bit in class. The Rise and Rapid Fall of Microsoft&#8217;s Tay In the early months of 2016, the digital corridors of Twitter were abuzz with conversations spanning every conceivable topic. 
Sensing\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/10\/04\/harnessing-ai-in-cybersecurity-annex-slides\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: Harnessing AI in Cybersecurity &#8211; Annex Slides<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/20\/siem-logic-unveiled-how-soc-analysts-detect-and-respond-to-security-incidents\/\">SIEM Logic Unveiled: How SOC Analysts Detect and Respond to Security Incidents<\/a><time datetime=\"2023-09-20T22:07:24+00:00\" class=\"wp-block-latest-posts__post-date\">September 20, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Many imagine Security Operations Center (SOC) analysts as modern-day &#8216;Neo&#8217; from &#8216;The Matrix,&#8217; deciphering cascades of streaming data on glowing screens. However, the reality is quite different. SOC analysts dedicate their days to a meticulous task; sorting through alerts, triaging them, and launching investigations into potential security threats. 
These alerts arrive from a myriad of\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/20\/siem-logic-unveiled-how-soc-analysts-detect-and-respond-to-security-incidents\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: SIEM Logic Unveiled: How SOC Analysts Detect and Respond to Security Incidents<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/18\/mastering-incident-response-a-tldr-guide-to-playbooks-and-runbooks-with-nist-framework\/\">Mastering Incident Response: A TLDR Guide to Playbooks and Runbooks with NIST Framework<\/a><time datetime=\"2023-09-18T19:01:37+00:00\" class=\"wp-block-latest-posts__post-date\">September 18, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Welcome to another exciting blog post, students and aspiring cybersecurity professionals! Today, we have a topic that sits at the core of cybersecurity operations\u2014Incident Response. It\u2019s not just about detecting incidents but efficiently managing them to minimize damage and future risks. 
Whether you&#8217;re part of a small IT team or a large Security Operations Center\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/18\/mastering-incident-response-a-tldr-guide-to-playbooks-and-runbooks-with-nist-framework\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: Mastering Incident Response: A TLDR Guide to Playbooks and Runbooks with NIST Framework<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/13\/vulnerability-categories-and-risk-factors\/\">Vulnerability Categories and Risk Factors<\/a><time datetime=\"2023-09-13T23:41:39+00:00\" class=\"wp-block-latest-posts__post-date\">September 13, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">The topic of software and network vulnerabilities is incredibly vast. Vulnerabilities can range from minor issues that pose little to no risk to the business, to significant risks that can bring an organization to its knees. Understanding the categories of vulnerabilities can help you prioritize them effectively. 
Here&#8217;s an in-depth look at various categories and\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/13\/vulnerability-categories-and-risk-factors\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: Vulnerability Categories and Risk Factors<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/11\/cybersecurity-exercise-understanding-and-applying-the-mitre-attck-framework\/\">Cybersecurity Exercise: Understanding and Applying the MITRE ATT&amp;CK Framework<\/a><time datetime=\"2023-09-11T23:46:10+00:00\" class=\"wp-block-latest-posts__post-date\">September 11, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Objective: The aim of this exercise is to familiarize students with the MITRE ATT&amp;CK framework by analyzing various cybersecurity scenarios. By dissecting real-world-like attack narratives, you&#8217;ll learn how to identify Tactics, Techniques, and Procedures (TTPs) commonly used by attackers, particularly Advanced Persistent Threats (APTs). Duration: This is a 30-minute exercise broken down into four scenarios,\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/09\/11\/cybersecurity-exercise-understanding-and-applying-the-mitre-attck-framework\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: Cybersecurity Exercise: Understanding and Applying the MITRE ATT&amp;CK Framework<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/18\/examples-of-fields-from-different-systems\/\">Exploring Log Fields in Various Systems<\/a><time datetime=\"2023-08-18T23:48:09+00:00\" class=\"wp-block-latest-posts__post-date\">August 18, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">This post is a continuation of my ongoing post on Log Analysis. 
See the initial post here. Anticipating the essential log fields for different systems can be a strategic advantage, offering a blueprint for effective investigations. By understanding the potential log data a system could produce, one gains a roadmap to navigate through the information landscape.\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/18\/examples-of-fields-from-different-systems\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: Exploring Log Fields in Various Systems<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/18\/the-anatomy-of-logs\/\">The Anatomy of Logs<\/a><time datetime=\"2023-08-18T23:36:57+00:00\" class=\"wp-block-latest-posts__post-date\">August 18, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Deciphering Logs: The Keystone Skill for Security Analysts In a conversation I had with a fellow network security expert in the spring of 2023, an observation struck me profoundly. He emphasized that among new job applicants and even experienced Gen X professionals, a deficiency in troubleshooting skills prevails. 
As an engineer, was trying to locate\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/18\/the-anatomy-of-logs\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: The Anatomy of Logs<\/span><\/a><\/div><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/02\/honeytokens-using-deception-tactics-to-improve-continuous-security-monitoring-efforts-enterprise-information-security\/\">HONEYTOKENS, using deception tactics to improve continuous security monitoring efforts &#8211; Enterprise Information Security<\/a><time datetime=\"2023-08-02T21:43:40+00:00\" class=\"wp-block-latest-posts__post-date\">August 2, 2023<\/time><div class=\"wp-block-latest-posts__post-excerpt\">Introduction Over the years, as information security teams, we have always been on the defense, forever waiting for the next security event before we can act. Although part of our strategy is to anticipate the adversary, we have not truly started to learn from the trends of the adversary to be prepared for the next\u2026 <a class=\"wp-block-latest-posts__read-more\" href=\"https:\/\/digisentinel.org\/index.php\/2023\/08\/02\/honeytokens-using-deception-tactics-to-improve-continuous-security-monitoring-efforts-enterprise-information-security\/\" rel=\"noopener\">Read more<span class=\"screen-reader-text\">: HONEYTOKENS, using deception tactics to improve continuous security monitoring efforts &#8211; Enterprise Information 
Security<\/span><\/a><\/div><\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":34,"menu_order":3,"comment_status":"closed","ping_status":"closed","template":"","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_seo_schema_type":"","_wpcom_ai_launchpad_about_page":false,"_wpcom_ai_launchpad_gallery_page":false,"footnotes":""},"class_list":["post-290","page","type-page","status-publish","hentry"],"jetpack_shortlink":"https:\/\/wp.me\/Pgs2Ve-4G","_links":{"self":[{"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/pages\/290","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/comments?post=290"}],"version-history":[{"count":1,"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/pages\/290\/revisions"}],"predecessor-version":[{"id":291,"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/pages\/290\/revisions\/291"}],"up":[{"embeddable":true,"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/pages\/34"}],"wp:attachment":[{"href":"https:\/\/digisentinel.org\/index.php\/wp-json\/wp\/v2\/media?parent=290"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}