Conference Papers Year :

Enhancing Collaboration between Security Analysts in Security Operations Centers


Abstract

Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper, we explain how a SOC is organized and highlight the current limitations of SOCs and their consequences regarding the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.
Main file: paperSOC.pdf (295.62 KB)
Origin : Files produced by the author(s)

Dates and versions

hal-01992346 , version 1 (24-01-2019)

Cite

Damien Crémilleux, Christophe Bidan, Frédéric Majorczyk, Nicolas Prigent. Enhancing Collaboration between Security Analysts in Security Operations Centers. CRISIS 2018 - 13th International Conference on Risks and Security of Internet and Systems, Oct 2018, Arcachon, France. pp.1-6, ⟨10.1007/978-3-030-12143-3_12⟩. ⟨hal-01992346⟩