Sign up to save your podcasts
Or
Share Building the SOC of the Future - JP Bourget, Michael Mumcuoglu - ESW #399
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Building the SOC of the Future - JP Bourget, Michael Mumcuoglu - ESW #399
What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process.
In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future.
It feels like forever ago, but in the mid-2010s, we collectively realized, as an industry, that prevention was never going to be enough. Some attacks were always going to make their way through. Then ransomware got popular and really drove this point home. Detection engineering is a tough challenge, however.
Where do we start? Which attacks should we build detections for? How much of the MITRE ATT&CK matrix do we need to cover? How often do these detections need to be reviewed and updated? Wait, are any of our detections even working?
In this interview with Michael Mumcuoglu, we'll discuss where SecOps teams get it wrong. We'll discuss common pitfalls, and strategies for building more resilient and effective detections.
Again, as an industry, we need to understand why ransomware attacks keep going unnoticed, despite attackers using routine techniques and tools that we see over and over and over again.
Session Resources:
- Rethinking Threat Exposure Management: A Unified Approach to Reducing Risk
This week, JP Bourget from Blue Cycle is with us to discuss Building the SOC of the Future
Then, Michael Mumcuoglu (Moom-cuoglu) from CardinalOps joins us to talk about improving detection engineering.
In the enterprise security news,
Google bets $32B on a Wiz Kid Cybereason is down a CEO, but $120M richer EPSS version 4 is out Github supply chain attacks all over A brief history of supply chain attacks Why you might want to wait out the Agentic AI trend Zyxel wants you to throw away their (old) products HP printers are quantum resilient (and no one cares) A giant rat is my hero All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-399
View all episodes
By Security Weekly Productions
4.4
206206 ratings
What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process.
In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future.
It feels like forever ago, but in the mid-2010s, we collectively realized, as an industry, that prevention was never going to be enough. Some attacks were always going to make their way through. Then ransomware got popular and really drove this point home. Detection engineering is a tough challenge, however.
Where do we start? Which attacks should we build detections for? How much of the MITRE ATT&CK matrix do we need to cover? How often do these detections need to be reviewed and updated? Wait, are any of our detections even working?
In this interview with Michael Mumcuoglu, we'll discuss where SecOps teams get it wrong. We'll discuss common pitfalls, and strategies for building more resilient and effective detections.
Again, as an industry, we need to understand why ransomware attacks keep going unnoticed, despite attackers using routine techniques and tools that we see over and over and over again.
Session Resources:
- Rethinking Threat Exposure Management: A Unified Approach to Reducing Risk
This week, JP Bourget from Blue Cycle is with us to discuss Building the SOC of the Future
Then, Michael Mumcuoglu (Moom-cuoglu) from CardinalOps joins us to talk about improving detection engineering.
In the enterprise security news,
Google bets $32B on a Wiz Kid Cybereason is down a CEO, but $120M richer EPSS version 4 is out Github supply chain attacks all over A brief history of supply chain attacks Why you might want to wait out the Agentic AI trend Zyxel wants you to throw away their (old) products HP printers are quantum resilient (and no one cares) A giant rat is my hero All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-399
More shows like Security Weekly Podcast Network (Audio)
View all
Security Now (Audio)
1,972 Listeners
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Hacked
182 Listeners
CyberWire Daily
1,007 Listeners
Smashing Security
311 Listeners
Click Here
400 Listeners
Darknet Diaries
7,864 Listeners
Cybersecurity Today
171 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
315 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
129 Listeners
Risky Bulletin
33 Listeners