Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Strategy 2: Give the SOC the Authority to Do Its Job | 40

BlueprintPublished 15 May 2023
Features
John Hubbard
John Hubbard

Though a SOC is responsible for protecting your organization's assets, it is not the owner of those systems. If the SOC is not established with a clear charter and authority to act, it may quickly become difficult to be effective. Who should the SOC report to, what should be in a SOC charter, and how can we make these tough decisions? Those are the questions covered in this episode of our special "11 Strategies" season. This episode covers chapter 2 of the book - "Give the SOC the Authority to Do Its Job".

This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode, John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.

Sponsor's Note:

Visit Mitre’s page to find more information.

-----------

Support for the Blueprint podcast comes from the SANS Institute.If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career. Check out the details at sansurl.com/450. Hope to see you in class!

Follow SANS Cyber Defense:

Twitter | LinkedIn | YouTube

Follow John Hubbard:

Twitter | LinkedIn

Speakers

John Hubbard
John Hubbard

John Hubbard

Consultant

John redefined modern SOC operations by engineering globally adopted blue team strategies and co-creating the GSOC cert. Through the Blueprint podcast and SANS leadership, he’s unified thousands of defenders around real-world detection tactics.

Read more about John Hubbard
Blueprint Podcast | Strategy 2: Give the SOC the Authority to Do Its Job | 40 | SANS Institute