SOC Ops Simplified

Simplifying Security Operations so you can focus on critical work.

SOC Ops Simplified is a small collective of cybersecurity writers contributing to open-source education and information sharing on security operations via our blog.

Whether you’re a security analyst, an engineer, an architect, a watch officer, or a SOC manager, we are here to provide content, insights, and opinion on cyber defense and how to improve your SOC, one post at a time!

Expert Areas


Security Analytics


Security Analytics is the foundation of SOCs. Our mechanisms to detect, prevent, and respond are the vital functions of what we do, so our experience is grounded in performing these functions at a granular level. Every analyst should feel comfortable reading alerts, performing threat hunting, and creating detection content to support their daily ops tempo!


Malware Analysis


Often overlooked because it is considered complex and time-consuming, malware analysis is an essential skill set that every SOC should have. Analysts shouldn’t shy away from it because of its daunting barrier to entry. With our SANS Lethal Forensicator expert, we can break the discipline down so that this skill set isn’t gatekept.


Managing SOCs


A SOC Manager should always be prepared, self-aware, and self-assessing. You're already behind if you’re still questioning what’s around every corner. Having worked across multiple SOCs, we have expertise in understanding what works, what doesn’t, and what you should try in order to optimize your ops tempo and your team, and hopefully reduce the fatigue your analysts feel.


Technologies


Security vendors and partners are developing new tools daily, and the noise never stops. They aim to eliminate every problem your SOC has, yet you may feel hung out to dry once you actually get them. We intend to break through the noise and help develop an understanding of concepts from XDR to SOAR, to firewalls, and more!


Threat Intelligence


Your team probably says you use it, but there is a difference between a spreadsheet of indicators you have to look at constantly and operationalizing the intelligence you have. We likely process thousands of IOC transactions daily, yet we don’t understand their purpose or how to respond to them. We understand the nature of Cyber Threat Intelligence and want to break it down so you can work better with the indicators you have, not only cutting through the noise but prioritizing what should come first.