Challenges and performance metrics for security operations center analysts: a systematic review

E Agyepong, Y Cherdantseva, P Reinecke… - Journal of Cyber …, 2020 - Taylor & Francis
The increasing use of Security Operations Centers (SOCs) by organisations as a part of their
cyber security strategy has led to several studies aiming to understand and improve SOC …

Security operations center: A systematic study and open challenges

M Vielberth, F Böhm, I Fichtinger, G Pernul - IEEE Access, 2020 - ieeexplore.ieee.org
Since the introduction of Security Operations Centers (SOCs) around 15 years ago, their
importance has grown significantly, especially over the last five years. This is mainly due to …

99% false positives: A qualitative study of SOC analysts' perspectives on security alarms

BA Alahmadi, L Axon, I Martinovic - 31st USENIX Security Symposium …, 2022 - usenix.org
In this work, we focus on the prevalence of False Positive (FP) alarms produced by security
tools, and Security Operation Centers (SOCs) practitioners' perception of their quality. In an …

How integration of cyber security management and incident response enables organizational learning

A Ahmad, KC Desouza, SB Maynard… - Journal of the …, 2020 - Wiley Online Library
Digital assets of organizations are under constant threat from a wide assortment of nefarious
actors. When threats materialize, the consequences can be significant. Most large …

Human factors in security research: Lessons learned from 2008-2018

M Kaur, M van Eeten, M Janssen, K Borgolte… - arXiv preprint arXiv …, 2021 - arxiv.org
Instead of only considering technology, computer security research now strives to also take
into account the human factor by studying regular users and, to a lesser extent, experts like …

Hackers vs. testers: A comparison of software vulnerability discovery processes

D Votipka, R Stevens, E Redmiles, J Hu… - … IEEE Symposium on …, 2018 - ieeexplore.ieee.org
Identifying security vulnerabilities in software is a critical task that requires significant human
effort. Currently, vulnerability discovery is often the responsibility of software testers before …

Matched and mismatched SOCs: A qualitative study on security operations center issues

FB Kokulu, A Soneji, T Bao, Y Shoshitaishvili… - Proceedings of the …, 2019 - dl.acm.org
Organizations, such as companies and governments, created Security Operations Centers
(SOCs) to defend against computer security attacks. SOCs are central defense groups that …

"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS

K Krombholz, W Mayer, M Schmiedecker… - 26th USENIX Security …, 2017 - usenix.org
Protecting communication content at scale is a difficult task, and TLS is the protocol most
commonly used to do so. However, it has been shown that deploying it in a truly secure …

Examining the efficacy of decoy-based and psychological cyber deception

KJ Ferguson-Walter, MM Major, CK Johnson… - 30th USENIX security …, 2021 - usenix.org
The threat of cyber attacks is a growing concern across the world, leading to an increasing
need for sophisticated cyber defense techniques. Attackers often rely on direct observation …

A systematic method for measuring the performance of a cyber security operations centre analyst

E Agyepong, Y Cherdantseva, P Reinecke… - Computers & Security, 2023 - Elsevier
Analysts who work in a Security Operations Centre (SOC) play an essential role in
supporting businesses to protect their computer networks against cyber attacks. To manage …