Building an Open-Source Security Operations Center
Technical Account Manager
Security operations centers (SOCs) use an unwieldy number of security tools that are often not designed to work together. Teams are increasingly seeking free, open-source alternatives.
Join this special on-demand webinar during which Arnaud Loos, technical account manager at Siemplify, will go beyond the theory and provide real-life examples of products you can use to build a truly “open-source” SOC whose stack includes Elasticsearch, Su, MISP, OSQuery, T-Pot and more.
To tie everything together, you will learn how you can leverage the Siemplify Security Operations Community Edition, a free platform to get your SOC well acquainted with the power of security orchestration, automation and response (SOAR).
During this presentation, you will learn how to:
- Build a “SOC in a box” with open-source tools and SOAR technology.
- Test top MITRE ATT&CK techniques with the Atomic Red Team library.
- Use Elasticsearch EQL to detect indicators of compromise (IOCs) and hunt for threats.