Wait, What Does a SOC Do? - NDSS Symposium

Joe Nehila, Drew Walsh (Deloitte And Touche)

Security Operation Centers (SOCs) are a common and critical piece of an organization’s cybersecurity strategy to prevent, monitor, detect, mitigate, and respond to cybersecurity incidents; but these aren’t the metrics a SOC analyst is measured against: they are measured against volume and time. This talk will discuss the current challenges SOC analysts face with alert fatigue against an ever-growing number of alerts and the need to manage the scale by scaling the analyst.

View More Papers

Threats Against Satellite Ground Infrastructure: A retrospective analysis of...

Jessie Hamill-Stewart (University of Bristol and University of Bath), Awais Rashid (University of Bristol)

Secret-Shared Shuffle with Malicious Security

Xiangfu Song (National University of Singapore), Dong Yin (Ant Group), Jianli Bai (The University of Auckland), Changyu Dong (Guangzhou University), Ee-Chien Chang (National University of Singapore)

Non-Disruptive Disruption: An Empirical Experience of Introducing LLMs in...

Francis Hahn (University of South Florida), Mohd Mamoon (University of Kansas), Alexandru G. Bardas (University of Kansas), Michael Collins (University of Southern California – ISI), Jaclyn Lauren Dudek (University of Kansas), Daniel Lende (University of South Florida), Xinming Ou (University of South Florida), S. Raj Rajagopalan (Resideo Technologies)