Improving the SOC Analyst Experience – Source: securityboulevard.com

– Kelsey Gast
LogRhythm recently presented a webinar featuring Forrester on this topic called "The SOC Analyst Experience: Tools and Techniques to Enhance Performance." Senior Threat Research Engineer, Sally Vincent, and our special guest, Forrester Senior Analyst Allie Mellen, discussed the challenges SOC analysts face and explored strategies to enhance their experience.

Continuous Training and Collaboration

Enhancing the analyst experience isn't just about focusing on the user experience (UX) and user interface (UI) of products, but also providing opportunities to properly learn how to use security tools, understand security processes, improve skill sets, and develop career paths.

With over ten years of hands-on cybersecurity experience, Sally added that fostering a culture of collaboration and knowledge sharing within the SOC enables analysts to learn from each other's experiences and collectively strengthens their capabilities.

"SANS is wonderful about doing interactive training, and it's a good investment that companies can make to send their team members to that training because it's hands-on and applicable right out of the gate." By investing in training courses, analysts gain a deeper understanding of different attack vectors, learn to effectively use various security tools, and develop the ability to think critically when investigating incidents.

Sally specifically called out the following playbooks as useful for SOC analysts: "Having a playbook for threat hunting, a playbook for ransomware, and a playbook for malware backdoors is extremely helpful." She also recommended using playbooks to your advantage for training and walking new analysts through incident response.

Many security vendors provide playbooks to their customer base that SOC teams can implement or build upon, but both presenters also mentioned that the Cybersecurity and Infrastructure Security Agency (CISA) has playbooks available on GitHub that are great starting points as well.
Link: https://ciso2ciso.com/improving-the-soc-analyst-experience-source-securityboulevard-com/

