Guideline

SOC Methodology

• 11 Strategies of a World-Class Cybersecurity Operations Center (PDF): 2022/03/29 보안 운영 센터(SOC) 운영자의 디지털 방어 강화를 위한 실용적인 책
  1. Know what you are protecting and why.
  2. Give the SOC the authority to do its job.
  3. Build a SOC structure to match your organizational needs.
  4. Hire and grow quality staff.
  5. Prioritize incident response.
  6. Illuminate adversaries with cyber threat intelligence.
  7. Select and collect the right data.
  8. Leverage tools to support analyst workflow.
  9. Communicate clearly, collaborate often, and share generously.
  10. Measure performance to improve performance.
  11. Turn up the volume by expanding SOC functionality.

SIEM/SOAR

• 관제기술 플랫폼(SIEM/SOAR) 구축 가이드라인(25.5): 국가사이버안보센터는 관제기술 플랫폼(SIEM/SOAR) 구축 관련, 호주와 합동 가이드라인을 제작(5.14)
  • 영문 원본(호주): https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-monitoring/implementing-siem-and-soar-platforms

자료실

• 국가사이버안보센터(NCSC) 자료실