-
Book Overview & Buying
-
Table Of Contents
SOC Analyst Career Guide
By :
As you have previously learned, adversaries use Tactics, Techniques, and Procedures (TTPs) to accomplish malicious objectives and goals on the cyber battlefield. Just as adversaries employ TTPs, cyber defenders must develop and employ TTPs to systematically detect and respond to them. If a blue team must develop new tactics each time they face an adversary, they risk wasting unnecessary time and energy. Instead, they should use repeatable, systematic methods to improve their practices.
Fortunately, you can begin developing repeatable methods now to address how blue teams defend against real-world attacks, the techniques and workflows they use, and how to build a home SIEM. Each role within the security operations center (SOC) affords unique opportunities to create repeatable defender approaches.
In this chapter, you’re going to cover the following main topics: