
Enhancing Collaboration between Security Analysts in Security Operations Centers

Abstract: Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper, we explain how a SOC is organized and highlight the current limitations of SOCs and their consequences for the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.
Document type: Conference papers

Cited literature: 10 references
Contributor: Guillaume Piolle
Submitted on: Thursday, January 24, 2019 - 1:41:36 PM
Last modification on: Wednesday, November 3, 2021 - 8:16:26 AM
Long-term archiving on: Thursday, April 25, 2019 - 1:51:07 PM


Files produced by the author(s)



Damien Crémilleux, Christophe Bidan, Frédéric Majorczyk, Nicolas Prigent. Enhancing Collaboration between Security Analysts in Security Operations Centers. CRISIS 2018 - 13th International Conference on Risks and Security of Internet and Systems, Oct 2018, Arcachon, France. pp.1-6, ⟨10.1007/978-3-030-12143-3_12⟩. ⟨hal-01992346⟩


