There’s a shortage of places for security operations (SecOps) professionals to share knowledge around security automation and orchestration. Automation and orchestration within SecOps are still new and disruptive concepts, and many experts and security veterans are beginning to pick up these skills.
Security teams often have many tools to help them do their jobs well, but the human piece is frequently missing. Many analysts work in a team of one or two responding to threats and alerts, and sometimes they can’t get the peer feedback they need. Many of them are responsible for managing the entire security toolset and want to learn how to get richer intel from their tools.
That’s why we’re excited to support a new community for security operations professionals – SecOps Hub! It’s a platform-agnostic community aimed at helping security analysts and admins get better at what they do.
Discussions currently taking place in the community include:
- SecOps strategies
- Incident response processes
- Security best practices
- Policy building
- Ways automation and orchestration can simplify processes
SecOps Hub empowers teams of all sizes, regardless of budget or toolset, to get their work done efficiently and effectively.
Who’s part of SecOps Hub?
This community is for anyone who works in security operations or wants to learn more about the industry. This ranges from security analysts, network admins, and students to the CISO looking for resources to share with their teams. When working together to build the best solutions possible, the community helps all security operations professionals regardless of tenure or organization.
Discussions—started by community members—determine the structure and categories within SecOps Hub. Members will find discussions on the following topics:
- Incident response
- Risk management
- Threat intel
- Threat hunting
- Knowledge base
- Events and meetups
There are already many knowledge exchanges taking place on SecOps Hub, which include:
- Phishing scoring: How various users have implemented phishing scoring in their organizations, including what criteria they use and how they determine the severity of the incident.
- SSL/TLS certificates: One community member was looking for a tool to help them determine which ciphers are supported. A few members suggested SSLscan and OpenSSL as possible tools. To help solve the problem, another member even wrote a PowerShell script to run against targeted hosts.
- Tracking beyond spreadsheets: Members shared different ways to report on vulnerabilities from scanners. The community responded with a few free and open source tools.
- Open source tools for incident response: Lastly, users discussed which open source tools they were using for their incident response processes, covering both well-known methods and some unconventional ones.
Have you been looking for a place to learn or share the ins and outs of security operations? Chat with others in the industry today, and check out SecOps Hub now!