Understanding situation awareness in SOCs, a systematic literature review

HJ Ofte, S Katsikas - Computers & Security, 2023 - Elsevier
Situation awareness is shown through human factors research to be a valuable construct to
understand and improve how humans perform while operating complex systems in critical …

Vulcon: A system for vulnerability prioritization, mitigation, and management

KA Farris, A Shah, G Cybenko, R Ganesan… - ACM Transactions on …, 2018 - dl.acm.org
Vulnerability remediation is a critical task in operational software and network security
management. In this article, an effective vulnerability management strategy, called VULCON …

A novel team formation framework based on performance in a cybersecurity operations center

A Shah, R Ganesan, S Jajodia, H Cam… - IEEE Transactions …, 2023 - ieeexplore.ieee.org
A Cybersecurity Operations Center (CSOC) performs various tasks to protect an
organization from cyber threats. Several types of personnel collaborate to function effectively …

A Machine Learning and Optimization Framework for Efficient Alert Management in a Cybersecurity Operations Center

J Ghadermazi, A Shah, S Jajodia - Digital Threats: Research and …, 2024 - dl.acm.org
Cybersecurity operations centers (CSOCs) protect organizations by monitoring network
traffic and detecting suspicious activities in the form of alerts. The security response team …

Cyber trust index: A framework for rating and improving cybersecurity performance

S Malaivongs, S Kiattisin, P Chatjuthamard - Applied Sciences, 2022 - mdpi.com
Background Cybersecurity risk is among the top risks that every organization must consider
and manage, especially during this time wherein technology has become an integral part of …

Understanding tradeoffs between throughput, quality, and cost of alert analysis in a CSOC

A Shah, R Ganesan, S Jajodia… - IEEE Transactions on …, 2018 - ieeexplore.ieee.org
Intrusion detection systems (IDSs) analyze data that are collected by sensors, which monitor
the network traffic. Any alert generated by the IDS is transmitted to a cybersecurity …

SAIBERSOC: Synthetic attack injection to benchmark and evaluate the performance of security operation centers

M Rosso, M Campobasso, G Gankhuyag… - Proceedings of the 36th …, 2020 - dl.acm.org
In this paper we introduce SAIBERSOC, a tool and methodology enabling security
researchers and operators to evaluate the performance of deployed and operational …

Technical performance metrics of a security operations center

J Forsberg, T Frantti - Computers & Security, 2023 - Elsevier
This research introduces a novel framework for creating metrics intended for security
operations centers (SOCs). The framework is developed using the design science research …

SAIBERSOC: A Methodology and Tool for Experimenting with Security Operation Centers

M Rosso, M Campobasso, G Gankhuyag… - Digital Threats: Research …, 2022 - dl.acm.org
In this article, we introduce SAIBERSOC (Synthetic Attack Injection to Benchmark and
Evaluate the Performance of Security Operation Centers), a tool and methodology enabling …

A methodology for ensuring fair allocation of CSOC effort for alert investigation

A Shah, R Ganesan, S Jajodia - International Journal of Information …, 2019 - Springer
A Cyber Security Operations Center (CSOC) often sells services by entering into a
service level agreement (SLA) with various customers (organizations) whose network traffic …