Hi everyone,
Since my last post in December (I know, it has been way too long), there have been several changes in my day to day. I decided to take ownership of my life and made the decision to move to Toronto, Canada. The planning thereof as well as the execution has taken a lot of time but I finally made it! I’m still trying to figure a few things out in my personal life, and the immigration process is still taking a lot longer than I thought it would, but I am now in a position where I can start blogging again.
During my last blog post in 2021, I did say that I would be doing more of the same, including: technical and non-technical writing, more challenge VM walkthroughs, etc. That being said, from next week I will be starting a new “Blue Team Basics” series which will dive into the inner workings of what I believe a Security Operations Center (SOC) requires in order to function correctly.
I’m still trying to figure out a few kinks and what I want to get across in a series, but it will definitely include:
- The basic responsibilities of a SOC
- Meetings that I think help a SOC function as a team
- Note taking
- Types of events and escalations
- Potential methods for onboarding and training
- SOC projects
The order thereof may change as I write the posts, but those are the fundamentals that I believe a SOC should have ironed out in order to function effectively as a team. If you are looking forward to it, or if you would like me to have any specific content published on my site, please feel free to reach out!