Automated Deployment of a Security Operations Center
| | |
|---|---|
| Main Author: | Cardarelli, Anthony |
| Language: | English |
| Published: | University of Cincinnati / OhioLINK, 2020 |
| Subjects: | Computer Science; Cybersecurity; Security Operation Center; Small and Medium Businesses |
| Online Access: | http://rave.ohiolink.edu/etdc/view?acc_num=ucin1592133599167901 |
Record id: ndltd-OhioLink-oai-etd.ohiolink.edu-ucin1592133599167901 (record format: oai_dc)

Abstract:

Cyber security is a growing issue for organizations today. Larger companies deploy security operations centers to unify their security tools in order to provide cyber defense and incident response. Sadly, small and medium sized businesses lack the funding to build, operate, and hire the skilled labor required to stand up a SOC (security operations center). The knowledge base required to solve this problem comes from extensive research and is not widely known. A low cost, easy to deploy and operate solution could help bridge the cyber security preparedness gap between large and small-to-medium sized businesses by providing the foundation of a security operations center. This will secure the companies deploying a SOC along with the supply chains they are associated with.

This paper outlines the automated deployment of a SOC that unifies network security, host based security, threat intelligence, and reporting in an easy to use and low cost platform. This was accomplished by integrating open source projects into a modular, easy to use, and customizable framework to meet the diverse needs of companies. SOC functionality was measurably verified by attacking and mapping the resulting detections to common techniques seen in cyber attacks. The resulting SOC framework deploys in under an hour, provides intuitive reporting, and detects 81 of the most common techniques used by hackers. This work is a step in the right direction for securing companies and provides a foundation that can be further improved upon to help shrink the attack surface of the global threat landscape.

Date: 2020-06-16. Type: text. Publisher: University of Cincinnati / OhioLINK.

Rights: restricted, full text unavailable until 2022-05-20. This thesis or dissertation is protected by copyright: some rights reserved. It is licensed for use under a Creative Commons license. Specific terms and permissions are available from this document's record in the OhioLINK ETD Center.