SOC Summit Survey Deep Dive

In-depth analysis of SOC survey data and analyst pain points.

This page contains AI-generated content. Errors or omissions may be present. Use human-level critical thinking.
  • Q: What was the primary focus of the 2017 SOC Summit Survey Deep Dive?
    A: Analyzing the results of the SANS SOC survey with a focus on 'boots on the ground' reality.
  • Q: What was the most common 'Pain Point' reported by analysts?
    A: Lack of visibility and excessive noise (false positives).
  • Q: What percentage of SOCs reported having 'Full Visibility'?
    A: Less than 20%.
  • Q: What technology was rated highest for 'Value'?
    A: SIEM and Endpoint Detection and Response (EDR).
  • Q: What is the 'so what' factor in metrics?
    A: The need for metrics to tell a story and drive decision-making, not just show numbers.
  • Q: What was the trend regarding 'Outsourcing'?
    A: A shift towards hybrid models where Tier 1 is outsourced but Tier 2/3 remains in-house.
  • Q: What is the 'Analyst to Device' ratio discussed?
    A: A metric attempting to define optimal staffing levels based on infrastructure size.
  • Q: What is the 'Skill Shortage' impact?
    A: Increasing reliance on automation and managed services.
  • Q: What is the recommendation for 'Use Case' management?
    A: Regularly reviewing and retiring ineffective use cases.
  • Q: What is the 'Threat Hunting' maturity level?
    A: Most organizations were still in the early stages (ad-hoc) of threat hunting.
