Le SANS Institute a publié une étude a propos des SOCs, ces Security Operation Center en charge de la détection et de la réaction en cas d’incident de sécurité. En synthèse, il met en évidence que les opérations gagnent en maturité mais ont besoin de davantage d’automatisation, ce qui laisse logiquement la porte grande ouverte à l’intelligence artificielle.
L'essentiel Cybersécurité, IA & Tech
Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.
As a sign that SOCs are becoming multifunctional and maturing, 67% of respondents
said they are satisfied with their flexibility of response, while 65% are satisfied with their overall response time and 64% felt satisfied with containment abilities.However, satisfaction numbers dip below 50% for SOC-NOC (network operations center) coordination and effectiveness, as well as the ability to detect previously unknown threats, which is also the capability that received the most “not satisfied” responses, at 45%. These are clear areas where more automation and integration will help organizations take their SOCs to the next level.
L’étude est en libre accès ici:
Future SOC: SANS 2017 Security Operations Center Survey
Future SOC: SANS 2017 Security Operations Center Survey | SANS Institute
Découvert via cet article:
SOCs are maturing, but need more automation – Help Net Security
SOC maturity is improving. Their primary strengths are flexibility of response and response time, while their weakness is lack of visibility into events.
Serveurs, API, temps de veille...
DCOD est indépendant et sans revenus. Soutenez le site pour l'aider à couvrir ses frais techniques.
