Critical infrastructure, Incident response, Security awareness

State of the SOC – Mark Boltz-Robinson – PSW #734

Mark is currently involved in building a security operations center for a large organization with an established infrastructure and teams already in place. In this chat, we'll explore the state of the SOC today, the challenges of building one, the reality versus expectations roles, what is SOAR'ing and not, and more. Tangential paths will likely be followed, as information security is fun to talk about in general!

Segment Resources:

http://www.securitybsides.com

https://www.bsidesdc.org

Full episode and show notes

Guest

Mark Boltz-Robinson
Mark Boltz-Robinson
Manager, ADRP Team at Trellix

Mark has been in information security for about 30 years, starting off in academia, and focused on networking, to moving to Unix systems, and then into firewalls, VPNs, load balancing/clustering technologies, and IDS/IPS. He briefly worked with Sourcefire, teaching Snort, Sourcefire, and Snort Rule Writing. After joining McAfee, he lent expertise as a product-side consultant, before changing paths to get into consulting on all things defensive – blue team work including DFIR, threat hunting, threat intelligence, holistic security improvements, compliance, and more.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Josh Marpet
Josh Marpet
Executive Director at RM-ISAO
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element
prestitial ad