Information Security Business Units


Security Operations Center (SOC)

A security operations center (SOC) is a location where security professionals monitor and protect critical information assets in an organization.

  • can be difficult to establish, maintain, and finance
    • so usually employed by larger corporations

DevSecOps

Development and operations (DevOps) is a combination of software development and systems operations, and refers to the practice of integrating one discipline with the other.

  • is a cultural shift within an organization to encourage much more collaboration between developers and systems administrators
  • By creating a highly orchestrated environment,
    • IT personnel and developers can build, test, and release software faster and more reliably
  • embraces automation and infrastructure as code (IaC)
  • seeks to implement a continuous integration software development approach to quickly release software updates
  • DevSecOps extends the boundary to security specialists and personnel
    • reflects the principle that security is a primary consideration at every stage of software development and deployment
    • known as shift left,
      • meaning that security considerations need to be made during requirements and planning phases, not grafted on at the end

Development and security and operations (DevSecOps) is a combination of software development, security operations, and systems operations, and refers to the practice of integrating each discipline with the others.

  • security operations can be conceived of as software development projects
  • Security tools can be automated through code
    • “security as code”
  • Consequently, security operations need to take on developer expertise to improve detection and monitoring

Incident Response

A dedicated computer incident response team (CIRT) is a single point of contact for the notification of security incidents.

  • aka computer security incident response team (CSIRT) and computer emergency response team (CERT)
  • might be handled by the SOC or it might be established as an independent business unit