University of Twente Student Theses
Capability Maturity Measurement of a Security Operations Center through Analysis Detection
Vos, Matthijs (2022) Capability Maturity Measurement of a Security Operations Center through Analysis Detection.
Abstract: Security Operations Centers (SOC) are vital in securing computer networks by detecting and responding to potential threats. In order to test the effectiveness of the SOC, Red Team tests are used. The goal of a Red Team is to simulate a type of adversary to test the company’s defences against this adversary. During this engagement, the goal of the Red Team is to stay undetected by the SOC. To be aware of the analysis the SOC is performing, Red Team monitoring methods have been developed in previous research, for which we will introduce and use the term Analysis Detection. Those methods by themselves do not give insight into the capabilities of the SOC. This paper extends those methods and determines the capabilities of the opposing SOC. This helps the Red Team better understand their opponent and improve their campaign. Finally, we show how existing Analysis Detection methods can be used as input for SOC capability indicators to measure the SOC maturity level.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: https://purl.utwente.nl/essays/92859