Unifying and Optimizing the Main Pillars of a SOC Stack

Presented by

Stan Golubchik and Arash Marzban, hosted by Multi-Cloud Leadership Alliance (Leah McLean & Sandhya Gorman)

About this talk

SOC in-house spend averages $2.72M on security engineering alone. This work entails integrating disparate security data, building out rules and detection content, and automating processes, yet only 23% of SOC leaders said their security engineering efforts were actually effective. It is no wonder this remains a problem across operators as they wrestle with a deluge of alerts, try to gain higher ground for better threat visibility, and work to increase detection efficacy. While the SOC tool stack is now filled with best-of-breed security analytics and remediation tools, each of these tools brings its own required expertise and costly management overhead. ROI is severely lacking across many enterprises, with these costly tools and the ancillary managed services eating into budget while operational inefficiency remains rampant. In this session, we will provide an analysis of the following:
• The core security stack in a SOC, including SIEM, SOAR, EDR, and XDR
• How these technologies work together with the people and processes of the modern SOC
• What improvements can be made so that SOC operations are more efficient in threat mitigation, time to acknowledge, and time to respond against emerging threats in the enterprise
Multi Cloud Alliance (MCLA) and Cyber Future Foundation Channel