Get to grips with security operations through incident response, the ATT&CK framework, active defense, and agile threat intelligence

Key Features

Explore robust and predictable security operations based on measurable service performance

Learn how to improve the security posture and work on security audits

Discover ways to integrate agile security operations into development and operations

Book Description

Agile security operations allow organizations to survive cybersecurity incidents, deliver key insights into the security posture of an organization, and operate security as an integral part of development and operations. It is, deep down, how security has always operated at its best.

Agile Security Operations will teach you how to implement and operate an agile security operations model in your organization. The book focuses on the culture, staffing, technology, strategy, and tactical aspects of security operations. You'll learn how to establish and build a team and transform your existing team into one that can execute agile security operations. As you progress through the chapters, you'll be able to improve your understanding of some of the key concepts of security, align operations with the rest of the business, streamline your operations, learn how to report to senior levels in the organization, and acquire funding.

By the end of this Agile book, you'll be ready to start implementing agile security operations, using the book as a handy reference.

What you will learn

Get acquainted with the changing landscape of security operations

Understand how to sense an attacker's motives and capabilities

Grasp key concepts of the kill chain, the ATT&CK framework, and the Cynefin framework

Get to grips with designing and developing a defensible security architecture

Explore detection and response engineering

Overcome challenges in measuring the security posture

Derive and communicate business values through security operations

Discover ways to implement security as part of development and business operations

Who this book is for

This book is for new and established CSOC managers as well as CISO, CDO, and CIO-level decision-makers. If you work as a cybersecurity engineer or analyst, you'll find this book useful. Intermediate-level knowledge of incident response, cybersecurity, and threat intelligence is necessary to get started with the book.