This video covers the concepts behind network and endpoint data collection used in a SOC – a great explainer for those who are thinking about starting a blue team career! Also check out the free digital Security Operations guide, Blueprint podcast, and the courses linked below for more in-depth info on how a SOC works.
My SANS Courses:
– SEC450 – Blue Team Fundamentals: https://sans.org/sec450
– MGT551 – Building and Leading Security Operations Centers: https://sans.org/mgt551
PDF Guide to Security Operations: https://www.sans.org/security-resources/posters/cyber-defense/guide-security-operations-260
Blueprint Podcast: https://sans.org/blueprint-podcast