Wait, What Does a SOC Do? - NDSS Symposium

Joe Nehila, Drew Walsh (Deloitte And Touche)

Security Operation Centers (SOCs) are a common and critical piece of an organization’s cybersecurity strategy to prevent, monitor, detect, mitigate, and respond to cybersecurity incidents; but these aren’t the metrics a SOC analyst is measured against: they are measured against volume and time. This talk will discuss the current challenges SOC analysts face with alert fatigue against an ever-growing number of alerts and the need to manage the scale by scaling the analyst.

View More Papers

Automatic Policy Synthesis and Enforcement for Protecting Untrusted Deserialization

Quan Zhang (Tsinghua University), Yiwen Xu (Tsinghua University), Zijing Yin (Tsinghua University), Chijin Zhou (Tsinghua University), Yu Jiang (Tsinghua University)

UniID: Spoofing Face Authentication System by Universal Identity

Zhihao Wu (Zhejiang University), Yushi Cheng (Zhejiang University), Shibo Zhang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Wenyuan Xu (Zhejing University)

Learning Automated Defense Strategies Using Graph-Based Cyber Attack Simulations

Jakob Nyber, Pontus Johnson (KTH Royal Institute of Technology)