| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Enhancing Collaboration between Security Analysts in Security Operations Centers
Abstract : Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper we explain how a SOC is organized, we highlight the current limitations of SOCs and their consequences regarding the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.
Cited literature [10 references]
https://hal.inria.fr/hal-01992346
Contributor : Guillaume Piolle <>
Submitted on : Thursday, January 24, 2019 - 1:41:36 PM
Last modification on : Wednesday, April 8, 2020 - 3:44:59 PM
Document(s) archivé(s) le : Thursday, April 25, 2019 - 1:51:07 PM
Contributor : Guillaume Piolle <>
Submitted on : Thursday, January 24, 2019 - 1:41:36 PM
Last modification on : Wednesday, April 8, 2020 - 3:44:59 PM
Document(s) archivé(s) le : Thursday, April 25, 2019 - 1:51:07 PM
File
paperSOC.pdf
Files produced by the author(s)