Wednesday, August 30, 2017

Building a SOC

I gave a talk last Friday at the last Ruxmon before the hiatus for Ruxcon on building a SOC. The slide deck should be up here: http://ruxmon.com/melbourne/. Now the map is not the territory, and the slide deck is not the talk (in some ways it's more useful). There are links to a lot of things you should be familiar with as well as three slides of some of the books it's worth investing some time in.

An interesting point is that I was suggesting Apache Metron was worth attendees' time checking out and it would appear Telstra agrees as the SOC's they've opened in Sydney and Melbourne are running Metron.

Based on the OpenSOC project created at Cisco, Metron entered the Apache Incubator program in December 2015, had its first release in April 2016, and became a top-level project earlier this year (April 2017).

Go here to check it out: http://metron.apache.org/about/.

No comments: