Ten years ago, building your SOC meant asking yourself which scenarios to monitor, which log sources to collect and which SIEM to choose. Recent developments in information systems have brought new challenges: how to set up monitoring in…
Tag: SOC
Machine Learning has been an emerging topic in recent years, particularly in the context of cyber security monitoring. However, as mentioned in the article "Boost your Cybersecurity thanks to Machine Learning" (Part 1 & Part 2), the development of such solutions…
Machine Learning has been an emerging topic in recent years, notably in the context of cybersecurity monitoring. However, as discussed in the article "Boost your Cybersecurity thanks to Machine Learning" (Part 1 & Part 2), the development…
At a time when the in-house information system is no more than a distant memory, giving way to a proliferation of external services hosting data, the SOC's mission remains the same: to detect cybersecurity incidents in order to react as quickly…
Migrations to Microsoft's Digital Workplace platform, Office 365, are well advanced, if not already completed. It is now time to improve processes, but above all, to secure them. Several topics must be addressed when securing Office 365 including the need…
In a previous article, we saw that the Smart City was inducing a paradigm shift which, combined with the general public's high expectations on the security of its data, required adapting the approach to such a project. Indeed, as the…
As the role of Artificial Intelligence grows in companies, from predictive maintenance to price optimization, new so-called ‘intelligent’ tools are being developed for cybersecurity. How do these tools exploit recent developments in Machine Learning? What steps should be taken to…
After the first article, which covered "Extending the scope of detection to new perimeters" (available here), this second installment is the next in our summer series about the SOC... Enhancing detection with new approaches: Think identity to detect suspect…
SOC teams are finding it more and more difficult to detect increasingly complex attacks that take place over ever larger perimeters. At the same time, they are bearing the full brunt of the explosion in the number of alerts to…
Faced with increasingly insistent and advanced threats, Security Operations Centers (SOCs) must be able to detect security incidents as quickly as possible in order to be able to react ever more effectively. However, they are also facing increasingly stringent measures…