Securosis discusses the “CloudSOC”
And as usual one has to decide what they will protect – is your data on the cloud? Where is your data?
I liked this comment:
“You can take some hints from folks that have already grappled with this decision: security monitoring providers. These services either built their own private cloud to accommodate (and protect) client data, or leverage yet-another IaaS or PaaS cloud to provide the infrastructure to store the data. Many of you will find the financial and scalability advantages of storing cloud data in a cloud services is more compelling than moving all of that collected data back to an on-prem system.”
IaaS – Infrastructure as a Service, PaaS – Platform as a Service.
At Fixvirus.com – we have reviewed many a cloud company and have set up http://www.fixvirus.com/cloud-systems-providers/ Link prominently on the Menu above.
Since we believe that the cloud is an important aspect of today’s computing environment. The CloudSOC will also be important to create. As usual it is important to decide how to enter the cloud – even as a Security operations center, what data is to be stored there, how will it be reviewed and analysed. Setting up the cloud correctly is important.
There are some players in this space already:
Elastica with a free SaaS(Software as a Service) audit
Cloudsoc.com also has set up some apps and looks to be DNS analytics based. Crunchbase notes the founders and a quick overview of CloudSOC the company
To Some degree some people can set up a “CloudSOC” with Splunk (an app about searching on data), more on this later… Splunk: “Search, monitor and analyze any machine data. Empower people with powerful visibility and insights. ”
As you can surmise this is not a 5 minute thought process, as it has to be reviewed with the various aspects of your compliance, data, network, and computing processes. In short order a comprehensive review and audit should be done before deciding on how a CloudSOC can help you.
Contact Us to perform an audit.