Sign up to save your podcasts
Or
Share Building the SOC of the Future - JP Bourget, Michael Mumcuoglu - ESW #399
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Building the SOC of the Future - JP Bourget, Michael Mumcuoglu - ESW #399
What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process.
In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future.
It feels like forever ago, but in the mid-2010s, we collectively realized, as an industry, that prevention was never going to be enough. Some attacks were always going to make their way through. Then ransomware got popular and really drove this point home. Detection engineering is a tough challenge, however.
Where do we start? Which attacks should we build detections for? How much of the MITRE ATT&CK matrix do we need to cover? How often do these detections need to be reviewed and updated? Wait, are any of our detections even working?
In this interview with Michael Mumcuoglu, we'll discuss where SecOps teams get it wrong. We'll discuss common pitfalls, and strategies for building more resilient and effective detections.
Again, as an industry, we need to understand why ransomware attacks keep going unnoticed, despite attackers using routine techniques and tools that we see over and over and over again.
Session Resources:
- Rethinking Threat Exposure Management: A Unified Approach to Reducing Risk
This week, JP Bourget from Blue Cycle is with us to discuss Building the SOC of the Future
Then, Michael Mumcuoglu (Moom-cuoglu) from CardinalOps joins us to talk about improving detection engineering.
In the enterprise security news,
Google bets $32B on a Wiz Kid Cybereason is down a CEO, but $120M richer EPSS version 4 is out Github supply chain attacks all over A brief history of supply chain attacks Why you might want to wait out the Agentic AI trend Zyxel wants you to throw away their (old) products HP printers are quantum resilient (and no one cares) A giant rat is my hero All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-399
View all episodes
By Security Weekly Productions
4.9
1414 ratings
What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process.
In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future.
It feels like forever ago, but in the mid-2010s, we collectively realized, as an industry, that prevention was never going to be enough. Some attacks were always going to make their way through. Then ransomware got popular and really drove this point home. Detection engineering is a tough challenge, however.
Where do we start? Which attacks should we build detections for? How much of the MITRE ATT&CK matrix do we need to cover? How often do these detections need to be reviewed and updated? Wait, are any of our detections even working?
In this interview with Michael Mumcuoglu, we'll discuss where SecOps teams get it wrong. We'll discuss common pitfalls, and strategies for building more resilient and effective detections.
Again, as an industry, we need to understand why ransomware attacks keep going unnoticed, despite attackers using routine techniques and tools that we see over and over and over again.
Session Resources:
- Rethinking Threat Exposure Management: A Unified Approach to Reducing Risk
This week, JP Bourget from Blue Cycle is with us to discuss Building the SOC of the Future
Then, Michael Mumcuoglu (Moom-cuoglu) from CardinalOps joins us to talk about improving detection engineering.
In the enterprise security news,
Google bets $32B on a Wiz Kid Cybereason is down a CEO, but $120M richer EPSS version 4 is out Github supply chain attacks all over A brief history of supply chain attacks Why you might want to wait out the Agentic AI trend Zyxel wants you to throw away their (old) products HP printers are quantum resilient (and no one cares) A giant rat is my hero All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-399
More shows like Enterprise Security Weekly (Audio)
View all
Security Now (Audio)
1,966 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
CyberWire Daily
1,012 Listeners
Business Security Weekly (Audio)
3 Listeners
Smashing Security
313 Listeners
Click Here
386 Listeners
Darknet Diaries
7,842 Listeners
Cybersecurity Today
164 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
311 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners