SANS Review of Arctic Wolf's SOC-as-a-Service
© 2017 The SANS™ Institute – www.sans.org
SOC-as-a-Service: All the Benefits of a SOC Without the High Costs of a DIY Solution
Sponsored by Arctic Wolf
Utilizing the SOC
Concierge Security Engineer (CSE)
• Extension of your IT or InfoSec team
• Benefits of a CSE:
  • Single point of contact
  • Deep understanding of environment over time
  • Experience dealing with security incidents
  • No need to learn new products or technologies
Utilizing the SOC (cont’d.)
Regular meeting with the CSE
Customization Rule Engine (CRule)
One of the biggest benefits of CyberSOC is the ease of customization. This allowed us to:
• Rank assets
• Rank severity
• Rank alerts
Mean Time to Detect
Scenario 1: Ransomware detonated in our environment
Conclusion
• SOC is a proven security solution that increases a company’s security posture.
• Challenges with typical SOCs are the high cost of implementation and the length of time to build.
• Arctic Wolf Networks’ CyberSOC offering is well-suited to midsize organizations. Benefits include:
  • Short time to implement and comparatively low cost—minutes rather than months or years to get up and running
  • Provides a comprehensive SOC-as-a-Service solution
  • Vets through millions of events on behalf of the customer
  • Reduces customer alert fatigue by identifying false positives before they reach the customer
  • Provides a dedicated CSE to work with the customer