SANS Common and Best Practices for Security Operations Centers (SOC)
Lack of skilled staff, budget, and effective automation are the most commonly cited reasons for failing to achieve excellence in existing SOCs. To gain management support for resources, SOC managers need to move beyond quantity-based metrics to business-relevant metrics.
In this survey, senior SANS instructor and course author Christopher Crowley, along with advisor and SANS director of emerging technologies John Pescatore, provide objective data to security leaders who are looking to establish a SOC or optimize an existing one.
Get an overview of common and best practices, defendable metrics that can be used to justify SOC resources to management, and which key areas SOC managers can prioritize to increase the effectiveness and efficiency of security operations.