ad
In Zusammenarbeit mit:
Article

Optimizing SOC operations with tailored playbooks: features of effective playbook development

Many scenarios that teams encounter in a security operations center (SOC) eventually resurface, like waves returning to shore. They may look unique, but the underlying patterns are the same. SOC playbooks, which are step-by-step instructions tied to incident categories, are labor-saving tools that help you address these scenarios. A playbook gives analysts a clear path forward under time and pressure constraints. It shouldn’t be confused, however, with an incident response (IR) plan, which is the blueprint that defines an organization’s hig...
mehr
Article

Historical data analysis in security operations: the role of retrospective search

This essay was written by Sergey Soldatov, Kaspersky’s Head of Security Operations Center. It explores the unique role of threat hunting in detecting advanced persistent threats (APTs) that evade automated security solutions, positioning it as a critical component of a modern SOC’s detection and response strategy. Drawing from real-world detection practices, it outlines how threat hunting complements alert-driven SOC operations through retrospective analysis and hypothesis-driven investigation, using telemetry data such as EDR/NDR logs.
mehr
Article

IoC hunting in action: practical pivoting techniques

This article was written by Damir Shaykhelislamov, an employee working within Kaspersky’s Expert Security Solutions department. It explores the importance of IoC pivoting in modern threat hunting and demonstrates how to move from basic IoC detection to building a broader picture of nefarious activity. The article includes real-world examples that will help analysts to enrich indicators and optimize workflows with threat intelligence, such as: • Infrastructure-based pivoting (e.g., IPs, domains, SSL certificates) • Malware artifact discovery...
mehr
Bericht

The Core of сyber defense: End-to-End SOC expertise — Run, Build, and Improve

Security operations centers (SOCs) are under unprecedented strain. This is the result of surging cyberthreats, overwhelming alert volumes and a shortage of skilled, experienced analysts. Tool maintenance is another time sink, with many SOCs spending more time configuring tech than protecting their organization.  Tired teams are of course less effective, yet many SOCs admit to being overworked. This delays detection, slows response and leads to burnout, forcing valuable analysts to leave. And those analysts are difficult to replace, with aro...
mehr
Article

Getting it right the first time: SOC deployment without regrets

There is no universal lightbulb moment when organizations realize they need a security operations center (SOC). Businesses, like people, are distinct entities that navigate unique challenges and mature at different rates. Nowhere is this truer than cybersecurity, with digital transformation and technological complexity inviting new risks over time – from mitigating targeted attacks to maintaining compliance on a global scale. There are, however, common triggers that set the SOC-creation process in motion. Some of these are logical and proac...
mehr
Article

Effective onboarding and mentorship in SOC teams

This essay was written by Renat Gimadiev, SOC Solutions Expert in Kaspersky’s Expert Security Solutions department. It highlights the critical role of structured onboarding and mentorship in modern SOCs, showing how intentional programs can accelerate analyst readiness, improve retention and reduce burnout. It draws from real-world challenges to outline actionable strategies that help new hires become productive, including: • Structured onboarding plans (e.g., 30/60/90-day models with balanced theory and practice) • Defined mentorship roles...
mehr
Aktuelle Themen
Whitepaper
Optimizing SOC operations with tailored playbooks: features of effective playbook development
Whitepaper
Historical data analysis in security operations: the role of retrospective search
Whitepaper
IoC hunting in action: practical pivoting techniques
Bericht
The Core of сyber defense: End-to-End SOC expertise — Run, Build, and Improve
Whitepaper
Getting it right the first time: SOC deployment without regrets
Whitepaper
Effective onboarding and mentorship in SOC teams

Hervorgehobene Inhalte

The Core of сyber defense: End-to-End SOC expertise — Run, Build, and Improve



business-iq.net
Nachrichten
Themen
Whitepaper
Über uns
B2B Media Group
Rechtsinformation
Datenschutz
Herunterladebedingungen
Werbung
Kontakt
E-Mail
Pressekontakt
Redaktion
Beitrag leisten
© 2025 B2B Media Group GmbH. Alle Rechte vorbehalten.