
Course Detail

Course Name: Security Operations
Course Code: 21SN631
Program: M. Tech. in Cyber Security Systems & Networks
Semester: Elective
Credits: 3

Overview

The course covers the following topics:

  • Information security incident management: incident detection, triage and incident categories, incident severity, resolution, closure, post-incident review
  • Security Operations Center (SOC) generations: first-, second-, third- and fourth-generation SOC
  • SOC maturity models: introduction to maturity models and applying maturity models in a SOC
  • SOC Technologies 1: data collection and analysis, the syslog protocol
  • SOC Technologies 2: telemetry data, security analysis, data enrichment
  • Vulnerability management: broad introduction
  • Threat intelligence: broad introduction
  • Assessment of SOC capabilities: business and IT goals, assessing capabilities and IT processes
  • SOC, business continuity and disaster recovery: importance of BCP and DR processes and their interface to the SOC
  • Security event generation and collection: cloud security, IDPS, breach detection
  • SOC and SIEM: introduction to the role of SIEM in a SOC
  • SOC and Splunk: Splunk architecture and the SOC, Splunk rules, Splunk log management, Splunk correlation
  • SOC and health care, a case study: SOC considerations for a health care setting
  • SOC and application security: OWASP, application security and the SOC

TEXTBOOKS / REFERENCES

1. Gary McIntyre, Joseph Muniz, and Nadhem AlFardan, Security Operations Center: Building, Operating, and Maintaining Your SOC.

2. David Nathans, Designing and Building Security Operations Center, 2015.

3. Arun E Thomas, Security Operations Center: SIEM Use Cases and Cyber Threat Intelligence, 2018.

4. Joseph Muniz, The Modern Security Operations Center, 2021.

5. Hinne Hettema, Principles for Cyber Security Operations, 2020.

Course Outcomes

  • CO1: Understand the functionalities of the various SOC generations
  • CO2: Understand the different data collection, data analysis and security analysis techniques used as part of SOC technologies
  • CO3: Understand vulnerability management techniques and threat intelligence methodologies
  • CO4: Assess SOC capabilities using different SOC tools and techniques
  • CO5: Learn how a SOC supports business continuity and disaster recovery planning
  • CO6: Gain knowledge of SIEM tools and their compatibility with a SOC
  • CO7: Understand SOC considerations for health care settings
  • CO8: Gain knowledge of application security in relation to the SOC

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.
