25–29 Oct 2021
Europe/Zurich timezone

Threat Intelligence and Security Operations Centres: Collaborative Security

28 Oct 2021, 18:50
25m
Online workshop

Networking & Security Network & Security

Speaker

David Crooks (UKRI STFC)

Description

The threat faced by the research and education sector from determined and well-resourced attackers has been growing in recent years and is now acute. We must act together as a community to defend against these attacks. A vital means of achieving this is to share threat intelligence (key indicators of compromise of an ongoing incident, including network locations and file hashes) with trusted partners. We must couple this with a robust, fine-grained source of network monitoring. The combination of these elements, along with storage, visualisation and alerting, is called a Security Operations Centre. The WLCG SOC working group has been pursuing an interconnected network of SOC-equipped sites for several years. We report here on recent progress, including new deployments against multiple 100 Gb/s sites, and future plans for the coming year.

Speaker release Yes
