BSidesCharm 2022 - SOCs and Shoes - Shawn Thomas

The Security Operations Center, everyone has one, but is it really more than a checkbox or a place to go where dreams die? This talk will discuss some of the core issues that SOC’s face today as well as suggestions and ideas to get this pivotal role and department back on mission by trusting and empowering analysts to find badness. Shawn Thomas (@Understudy77) Shawn is ex Incident Response consultant, SOC manager, and current Head of Incident Response at Yahoo!, a Paranoid by trade and title he has spent his career trying to find badness and protect users. Shawn has worked in or managed many SOC’s across both the government, private sector, and MSSP space. He loves to teach and talk DFIR/Operations, volunteer at conferences, host podcasts, including Positively Blue Team and The Paranoids Podcast, and help run the DeadPixelSec discord community which is his infosec home.