A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.
Workflow Based Security Incident Management
[chapter]
2005
Lecture Notes in Computer Science
Security incident management is one of the critical areas that offers valuable information to security experts, but still lacks much development. ...
This paper presents an architecture based on advanced database techniques, able to collect incident related information from different sources. ...
In this paper, we present a novel centralized incident management system based on advanced Extraction Transformation Loading (ETL) database techniques. ...
doi:10.1007/11573036_65
fatcat:jma6qff5tbeirndcjjx3z57os4
The Design and Construction of Decision-Making Command System for Digital Oilfield Emergency Drill
2011
Procedia Environmental Sciences
Unexpected security incidents are the crisis of a non-equilibrium state, leading society to deviate from the normal track. ...
In the state of emergency, the relevant management departments will make rapid and accurate decisions, which are based on the latest status and the feedback information. ...
doi:10.1016/j.proenv.2011.12.006
fatcat:jlv7hvhjvzautlh6pmsjjna24u
security-operations-maturity-model-white-paper.pdf
[article]
2020
Figshare
... Capabilities enabling security teams to engage in highly confidential, collaborative, and efficient workflows with a centralized and secure case management facility for managing and accelerating threat ...
The LogRhythm Security Operations Maturity Model LogRhythm has developed a Security Operations Maturity Model (SOMM), based on LogRhythm's Threat Lifecycle Management (TLM) framework, that can be used to ...
doi:10.6084/m9.figshare.11808192.v1
fatcat:ipxkeuhexjd45nknkkghn7ttfy
A Multi-Vocal Review of Security Orchestration
2019
ACM Computing Surveys
We have also identified the core components of a security orchestration platform and categorized the drivers of security orchestration based on technical and socio-technical aspects. ...
We also provide a taxonomy of security orchestration based on the execution environment, automation strategy, deployment type, mode of task and resource type. ...
ForeScout has built CounterACT that uses a rule engine and a workflow engine to automate the workflow for instant decision making to deal with security incidents [101]. ...
doi:10.1145/3305268
fatcat:gravwvdylvc6rd5co3lrpgaelu
AI/ML in Security Orchestration, Automation and Response: Future Research Directions
2021
Intelligent Automation and Soft Computing
... and applications in response to security incidents to empower SOC teams. ...
Today's cyber defense capabilities in many organizations consist of a diversity of tools, products, and solutions, which are very challenging for Security Operations Centre (SOC) teams to manage in current ...
... and suboptimal incident response processes and security management in general. ...
doi:10.32604/iasc.2021.016240
fatcat:4c2dgerxwzhonn3xyypyyekmjq
A Tale of Three Security Operation Centers
2014
Proceedings of the 2014 ACM Workshop on Security Information Workers - SIW '14
Security researchers have been trying to understand the functioning of a security operation center (SOC) and how security analysts perform their job. ...
Much work towards this direction has been through interviews of security analysts in SOCs. ...
New analysts are trained until the senior analyst and SOC manager agree that additional training is unnecessary.
SOC Workflow: The SOC follows a workflow built around an incident management system. ...
doi:10.1145/2663887.2663904
dblp:conf/ccs/SundaramurthyCT14
fatcat:mavvz7vorvae3ka7skns64csey
Cyber Threat Information Classification and Life Cycle Management using Smart Contracts
2018
Proceedings of the 4th International Conference on Information Systems Security and Privacy
We demonstrate how the presented techniques can be applied to support incident handling tasks performed by security operation centers (SOCs). ...
To be effective in identifying and defeating future cyber-attacks, cyber analysts require novel tools for incident report classification and life cycle management that can automatically analyse and share ...
The goal of this evaluation was to leverage the domain expert knowledge base for cyber incident classification and management as described in the workflow (see Fig. 2), pointing out threat level relevant ...
doi:10.5220/0006605203040311
dblp:conf/icissp/GrafK18
fatcat:evibt4qeezevvjvaoxu4lfntxm
ATHAFI: Agile Threat Hunting And Forensic Investigation
[article]
2020
arXiv
pre-print
The combination of Attack Hypotheses Generation and Workflows Generation enables intelligent adjustment of workflows, which react to emerging threats effectively. ...
Unfortunately, many organizations do not have enough security analysts to perform threat hunting tasks, and today the level of automation of threat hunting is low. ...
The command and control unit (C&C), operated by the security analysts, is responsible for managing the workflows. ...
arXiv:2003.03663v1
fatcat:3wwi6wkuprgibk3hteyymgggjy
Autonomic Cloud Computing: Open Challenges and Architectural Elements
[article]
2012
arXiv
pre-print
They need automated and integrated intelligent strategies for provisioning of resources to offer services that are secure, reliable, and cost-efficient. ...
We present a conceptual architecture and early results evidencing the benefits of autonomic management of Clouds. ...
We would like to thank our colleagues Jia Yu, Suraj Pandey, Sifei Lu, Long Wang, Henry Palit, and Qin Zheng for their contribution towards Workflow Engine. ...
arXiv:1209.3356v1
fatcat:mz5w7lvhbzb3rof6w2psls5fcq
Critical Challenges to Information Security & Guidelines to use Responsive Service Now Platform
2020
International journal of recent technology and engineering
The main aim of this paper is to track the risk, make security comparisons in Traditional approach vs Modern approach and reasons to choose service. ...
Workflows are essential to ensure that your security runbook is adhered to. ...
Automated workflows help to route requests from security analysts to the right IT people. ...
doi:10.35940/ijrte.e5630.018520
fatcat:sve4txl7djflrb5w5hb4bx4lby
Assessing the Safety of Custom Web-Based Clinical Decision Support Systems in Electronic Health Records: A Case Study
2019
Applied Clinical Informatics
Results We identified five CDS malfunctions that impaired clinical workflow. ...
Additional feedback on the root cause of individual incidents was obtained through interviews with members of the CDS project teams. ...
Major incidents at CHOP are distinguished from routine incidents based on how they are created and the severity of their impact on clinical workflow. ...
doi:10.1055/s-0039-1683985
pmid:30943572
pmcid:PMC6447398
fatcat:5at6kowwvbcjblqgtje4pci6ka
Monitoring and Improving Managed Security Services inside a Security Operation Center
2019
EAI Endorsed Transactions on Security and Safety
Monitoring and improving the performance of Security Operation Centers (SOC) are becoming crucial due to the emerging need of benefiting from Managed Security Services (MSS) rather than hiring in-house ... security experts. ...
EVS, MI, BFA and PV investigation types take more time to gather indications to create an incident than ... For almost all investigation ...
doi:10.4108/eai.8-4-2019.157413
fatcat:cebbjhlo5rg6raogpunrgppbpu
An Intelligent Control Architecture for Adaptive Service-Based Software Systems with Workflow Patterns
2008
2008 32nd Annual IEEE International Computer Software and Applications Conference
Systems based on SOA are called Service-based Systems (SBS). ...
This architecture has three layers based on the intelligent control theory for developing and deploying SBS. ...
Workflow Management: When the controller in the workflow management layer receives a task from the user management layer, the workflow management selects a workflow pattern from a set of workflow patterns ...
doi:10.1109/compsac.2008.184
dblp:conf/compsac/JiangHCHY08
fatcat:64duergelva6hitmlp4vupsw6y
Use of organisational topologies for forensic investigations
2017
Proceedings of the 1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics - SERF 2017
In today's highly regulated business environment, it is becoming increasingly important that organisations implement forensic-ready systems and architectures to aid the investigation of security incidents ...
Furthermore, knowing the topology of an organisation's structure can also assist investigators to identify stakeholders that could be of interest to an investigation, based on their relationship to the asset ...
... to the Security Manager (IS) and can authorise them to perform a task). ...
doi:10.1145/3121252.3121253
dblp:conf/sigsoft/GrisposHN17
fatcat:fuuaqq7tqrdwtlbr5ps3aoyyze
Integrated Security Incident Management -- Concepts and Real-World Experiences
2011
2011 Sixth International Conference on IT Security Incident Management and IT Forensics
A formally specified security incident response (SIR) process serves as the basis that clearly defines responsibilities, workflows, and interfaces. ...
We present a holistic, process-oriented approach to ISO/IEC 27001 compliant security incident management that integrates multiple state-of-the-art security tools and has been applied to a real-world scenario ...
Figure 3: The workflow of our Security Incident Response Process
Figure 4: Integrated management of security incidents - LRZ example
Figure 5: Percentage distribution ...
doi:10.1109/imf.2011.15
dblp:conf/imf/MetzgerHR11
fatcat:lb773umryvbfhownchdbf7pmfa
Showing results 1 — 15 out of 13,121 results