Security Basics mailing list archives
Re: Certifications for SOC team
From: krymson () gmail com
Date: Wed, 18 Feb 2009 09:53:07 -0700
Surprised I didn't see any responses to this, so I thought I'd chime in. To me, people in the SOC need quite a few skills to properly analyze the traffic/alerts they see, as well as advise other teams on how to properly remediate issues. In this regard, I think anything may be helpful. If you want customers to recognize the cert, you really have to delve down into CISSP (general) and CISA (audit) areas. Not because they demonstrate your talent, but simply because they're recognized widely. For those team members you have with specific interests, it would be useful to be able to speak to operations teams realistically. This could mean getting similar certs to what they hold: Red Hat, CCNA, maybe even MCSE flavors. These should also help with understanding systems, alerts, and even false positives. If you can afford it, GIAC/SANS would be an excellent choice, but not all of us work in places that splurge on such certs so I tend to rate it down a bit as cost-prohibitive. Also, while those of us in-the-know hold SANS up in pretty high regard, that does not mean people outside our business units know wtf they are. :) <- snip -> Hi List, This question is specifically about certifications that may help us as team members, to demonstrate competency to the global clients who have assigned us a task to handle the SOC [security information center] for them. We have been handed over this responsibilities mostly on the basis of our experience. [ranging from 1 to 9 years] Some of us already have CEH, but we all are looking for a line of certs that has a good deal of respected in the industry. Thanks in advance. Cheers.
Current thread:
- Certifications for SOC team Alcides (Feb 17)
- RE: Certifications for SOC team Rafael Torrales Levaggi (Feb 18)
- Re: Certifications for SOC team J. Oquendo (Feb 18)
- Re: Certifications for SOC team aditya mukadam (Feb 18)
- Re: Certifications for SOC team Daniel Miessler (Feb 19)
- <Possible follow-ups>
- Re: Certifications for SOC team krymson (Feb 18)