Shah Sheikh

Sr. Security Consultant at DTS Solution (UAE)

Specialties: Mobile Network Security – 3GPP (GTP) and LTE (SecGW) TS33.201/301 security architectures and service flow analysis.

Managed Security Service Provider (MSSP) solution architecture design and deployment – SSL VPN and UTM offerings.

Cloud Computing Security Control Design – Multi-tenancy, Virtualization, Elasticity, Encryption Key Management.

SCADA/ICS Security – Secure Architecture and SCADA Security Operations Center

Building a Cyber Security Operations Center

Modern-day cyber threats are ever increasing, and organizations face the challenge of proactively and continuously monitoring their security posture across the entire infrastructure while keeping attackers and threat actors at bay. In this presentation we will cover the fundamental building blocks of a security operations center that is proactive and acts as the line of authority for your other security functions, such as incident management, forensics and vulnerability management. A reference case study will be presented along with a proven implementation methodology.

1. SIEM 2.0 – log collection, aggregation, analytics and correlation
2. Contextual Threat Cases and Situational Awareness
3. SOC 2.0 and its components, which together form an ecosystem.
4. Building Threat Intelligence and Early warning detection system within your command center.
5. Some new concepts – OSINT and SOCMINT and how it helps.
6. SOC Processes, Procedures and Workflows.
7. Execute!
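To make items 1 and 2 concrete, here is an added example that is not part of the talk or of DTS Solution's material: a minimal SIEM-style correlation rule (several failed SSH logins from one source within a sliding window, followed by an accepted login from the same source) run over constructed sshd log lines, with a constructed asset-criticality table supplying the context that raises the alert's severity. The log lines, asset table, threshold and window are all assumptions chosen for illustration.

```python
"""Minimal SIEM-style correlation over constructed sshd auth log lines.

Added example, not from the DefCamp talk or DTS Solution. The log lines,
asset table, threshold and window below are constructed for illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (syslog-style sshd messages from one host).
SAMPLE_LOGS = """\
Mar 10 09:14:01 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51022 ssh2
Mar 10 09:14:03 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51023 ssh2
Mar 10 09:14:05 web01 sshd[2211]: Failed password for admin from 203.0.113.7 port 51024 ssh2
Mar 10 09:14:06 web01 sshd[2211]: Failed password for admin from 203.0.113.7 port 51025 ssh2
Mar 10 09:14:09 web01 sshd[2211]: Failed password for deploy from 203.0.113.7 port 51026 ssh2
Mar 10 09:14:12 web01 sshd[2215]: Accepted password for deploy from 203.0.113.7 port 51027 ssh2
Mar 10 09:20:00 web01 sshd[2301]: Failed password for alice from 198.51.100.5 port 40010 ssh2
Mar 10 09:20:30 web01 sshd[2302]: Accepted publickey for alice from 198.51.100.5 port 40011 ssh2
"""

# Parses "Failed password for <user> from <ip> port <n>" and the Accepted form.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

# Constructed asset context (agenda item 2, "contextual threat cases").
ASSET_CRITICALITY = {"web01": "high"}

FAIL_THRESHOLD = 5            # assumed: failures that count as a brute force
WINDOW = timedelta(minutes=2)  # assumed: sliding window for those failures
YEAR = 2015                    # syslog timestamps carry no year; assumed


def parse(line):
    """Return a dict for a recognised sshd auth line, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(f"{YEAR} {ev['ts']}", "%Y %b %d %H:%M:%S")
    return ev


def correlate(lines, threshold=FAIL_THRESHOLD, window=WINDOW):
    """Brute force followed by success: at least `threshold` failures from one
    source inside `window`, then an accepted login from that same source."""
    failures = defaultdict(deque)  # src -> timestamps of failures still in window
    alerts = []
    for line in lines.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        q = failures[ev["src"]]
        # Drop failures that have aged out of the sliding window.
        while q and ev["ts"] - q[0] > window:
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
        elif len(q) >= threshold:
            crit = ASSET_CRITICALITY.get(ev["host"], "unknown")
            alerts.append({
                "rule": "ssh_bruteforce_then_success",
                "src": ev["src"],
                "user": ev["user"],
                "host": ev["host"],
                "failures_in_window": len(q),
                "asset_criticality": crit,
                # Context raises severity: same pattern on a high-value asset is critical.
                "severity": "critical" if crit == "high" else "high",
            })
            q.clear()  # one alert per burst; a later burst will alert again
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print(alert)
```

Run against the constructed lines, `correlate` raises one alert for 203.0.113.7 (five failures, then an accepted login as `deploy`, on a high-criticality host) and nothing for 198.51.100.5, whose single failure never reaches the threshold. In a real SOC the asset table, thresholds and window would come from the CMDB and tuning, and the output would feed the case workflow described in item 6 rather than stdout.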

Presentation @DefCamp 2015