
Feed Google News Sci Tech: Formula E announces driverless car support series - ESPN


Formula E announces driverless car support series
Inaugural Formula E champion Nelson Piquet has said that Formula One can learn from the approach that Formula E is taking into the sport of motor racing. Formula E has announced a support series called...
Formula E is planning the first racing series for driverless cars (Engadget)
Electric series plans driverless championship (Reuters)
Formula E announces 300kph 'RoboRace'


Submission + - Book review: Security Operations Center

benrothke writes:

Title: Security Operations Center: Building, Operating, and Maintaining your SOC

Author: Joseph Muniz, Gary McIntyre, Nadhem AlFardan

Pages: 448

Publisher: Cisco Press

Rating: 10/10

Reviewer: Ben Rothke

ISBN: 978-0134052014

Summary: Indispensable guide for those designing and deploying a SOC

Large enterprises have numerous information security challenges. Aside from the external threats, there's the onslaught of security data from disparate systems, platforms and applications. Getting a handle on the security output from numerous point solutions (anti-virus, routers/switches, firewalls, IDS/IPS, ERP, access control, identity management, single sign on and others), often generating tens of millions of messages and alerts daily, is not a trivial endeavor. As attacks become more frequent and sophisticated and with regulatory compliance issues placing an increasing burden, there needs to be a better way to manage all of this.

Getting the raw hardware, software and people to create a SOC is not that difficult. The challenge, and it's a big challenge, is integrating those 3 components to ensure that a formal SOC can operate effectively. In Security Operations Center: Building, Operating, and Maintaining your SOC, authors Joseph Muniz, Gary McIntyre and Nadhem AlFardan have written an indispensable reference on the topic. The authors have significant SOC development experience, and provide the reader with a detailed plan on all the steps involved in creating a SOC.

As Mike Rothman noted about managed services providers, and something that is relevant to a SOC, you should have no illusions about the amount of effort required to get a SOC up and running, or what it takes to keep one current and useful. Many organizations have neither the time nor the resources to implement a SOC, but do, and are then trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats that the SOC had the potential to provide them with, had they done it right. Those considering deploying a SOC and not wanting to be in the hamster wheel of pain will need this book.

The authors have done a great job in covering every phase and many details required to build out a SOC. After going through the book, some readers will likely reconsider deploying an internal SOC given the difficulties and challenges involved. This is especially true since SOC design and deployment is something not many people have experience with.

The book is written for an organization that is serious about building an enterprise SOC. The authors spend much of the book focusing on the myriad requirements for creation of a SOC. They constantly reiterate about details that need to be determined before moving forward.

Chapter 4 on SOC strategy is important as the way in which a firm determines their strategy will affect every aspect of the outcome. The authors wisely note that an inadequate or inaccurate SOC strategy, and the ensuing capabilities assessment exercises would produce a SOC strategy that does not properly address the actual requirements of the organization.

Ultimately, failing to adequately plan and design is a guarantee for SOC failure. That in turn will affect and impact deployment timelines, budgets and cause frustration, dissatisfaction and friction between the different teams involved in the SOC program.

The authors' expertise is evident in every chapter, and their real-world expertise is quite obvious in chapter 5 on facilities, which is an area often neglected in SOC design. The significant issue is that if the facility in which the SOC team operates out of does meet certain baseline requirements, the SOC effectiveness will be significantly and often detrimentally impacted. The chapter details many overlooked topics such as: acoustics, lighting, ergonomics, and more.

Staffing a SOC is another challenge, and the book dedicates chapter 8 to that. The SOC is only as good as the people inside it, and the SOC staff requires a blend of skills. If the organization wants their SOC to operate 24x7, it will obviously require a lot more manpower of these hard to find SOC analysts.

Another helpful aspect is found in chapter 10, which has a number of checklists you can use to verify that all the required pieces are in place prior to a go-live date, or be able to identify areas that may not be completed as expected.

With Muniz and AlFardan being Cisco employees and this being a Cisco Press title, the book has a strong emphasis towards Cisco hardware and software. Nonetheless, the book is still quite useful even for those who won't be using Cisco products.

Building a SOC is an arduous process which takes a huge amount of planning and of work. This work must be executed by people from different teams and departments, all working together. Based on these challenges, far too many SOC deployments fail. But for anyone who is serious about building out a SOC, this book should be a part of that effort.

The reason far too many, perhaps most, SOC deployments fail is that firms make the mistake of obsessing on the hardware and software, without adequately considering the security operations functions. The authors make it eminently clear that such an approach won't work, and provide you with the expert guidance to obviate that.

For anyone considering building a SOC, or who wants to understand all of the details involved in building one, Security Operations Center: Building, Operating, and Maintaining your SOC is an absolute must read.

Reviewed by Ben Rothke

Feed Google News Sci Tech: Apple's next iPhone reportedly ditches the headphone jack - Engadget


Apple's next iPhone reportedly ditches the headphone jack
Apple's quest for ever-thinner, ever-smarter devices may produce another casualty: your iPhone's headphone jack. A rumor at MacOtakara claims that the next iPhone might drop the 3.5mm port and use the Lightning port for audio instead. The move would ...
Rumor: Apple to Kill Headphone Jack in iPhone 7 (PC Magazine)
Apple To Abandon Headphone Jack? New Leak Reveals Massive Gamble (Forbes)
To make a thinner 'iPhone 7,' Apple could remove the headphone jack (AppAdvice)
Apple Insider-Tech Insider (blog)-Patently Apple

Submission + - NASA prepares to launch an Orion and three Cubesats to deep space in three years

MarkWhittington writes: As NASA noted, the space agency and its contractors are working diligently on the first launch of the heavy-lift Space Launch System. The launch, officially called EM-1 or Exploration Mission 1 will loft an unpiloted version of the Orion spacecraft around the moon. also noted that a number of secondary payloads, known as CubeSats, will be along for the ride as well. NASA considered EM-1, scheduled for 2018, a crucial step in its Journey to Mars which will, it is hoped, reach its ultimate destination sometime in the 2030s.

Submission + - Bill Gates to Headline Paris Climate Talks

theodp writes: The NY Times and others report that Bill Gates will announce the creation of a multibillion-dollar clean energy fund on Monday at the opening of the two-week long Paris Climate Change Conference. The climate summit, which will be attended by President Obama and 100+ world leaders, is intended to forge a global accord to cut planet-warming emissions. The pending announcement was first reported by ClimateWire. A spokesman for the Bill and Melinda Gates Foundation did not respond to a request for comment. Let's hope it goes better than BillG school reform!

Feed Google News Sci Tech: Facebook expands parental leave policy for all employees globally - Mashable


Facebook expands parental leave policy for all employees globally
Facebook CEO Mark Zuckerberg asks a question during the CEO Summit of the Americas panel discussion in Panama City, Panama, Friday, April 10, 2015. Image: Martinez Monsivais/Associated Press. By Seth Fiegerman...
Facebook giving new dads 4 months paid time off (New York Post)
Will Bengal also follow Facebook's four-month paternity leave policy? (Times of India)
Facebook to give fathers up to four months paid paternity leave (CTV News)
Thomson Reuters Foundation

Submission + - Ask Slashdot: Buy or Build a high end gaming PC?

An anonymous reader writes: Looking at some Black Friday ads, I'm seeing some good deals on Alienware and other gaming rigs that would be cheaper than building them from scratch. If you built or were to build a high end gaming rig, what would you suggest? Or would you just get a prebuilt system and customize it to your needs? I'm not looking for cheap, I want best quality and performance, but not overkill that would rival supercomputers and at the same time break my bank account. It would be a Windows system to keep my family happy, but possibly dual boot with Linux to keep me happy. It will be located in the livingroom hooked up to a regular monitor and the big screen TV, replacing a budget PC that's in there now.

Submission + - Air Force hires civilian drone pilots for combat patrols - legality questioned

schwit1 writes: For the first time, civilian pilots and crews now operate what the Air Force calls "combat air patrols," daily round-the-clock flights above areas of military operations to provide video and collect other sensitive intelligence.

Civilians are not allowed to pinpoint targets with lasers or fire missiles. They operate only Reapers that provide intelligence, surveillance and reconnaissance, known as ISR, said Air Force Gen. Herbert "Hawk" Carlisle, head of Air Combat Command.

Feed Google News Sci Tech: Mozilla revenue climbs 5% in final year of Google search deal - Computerworld


Mozilla revenue climbs 5% in final year of Google search deal
Mozilla last week reported that revenue for 2014 was up 5%, with the bulk of its earnings coming, as always, from the search deals struck for the open-source developer's Firefox browser. The uptick, small though it was, was an improvement over 2013 ...
Mozilla Dropped Google Financial Support For Firefox? Company Wants More (Rapid News Network)
Mozilla says it can flourish without Google's money (The News Journal)
Mozilla Says it Can Survive Without Alphabet Inc (GOOG)'s Google's (blog)
Bidness ETC-Gracious Column

Submission + - New type of 'flow battery' can store 10 times the energy of the next best device

sciencehabit writes: Industrial-scale batteries, known as flow batteries, could one day usher in widespread use of renewable energy—but only if the devices can store large amounts of energy cheaply and feed it to the grid when the sun isn’t shining and the winds are calm. That’s something conventional flow batteries can’t do. Now, researchers report that they’ve created a novel type of flow battery that uses lithium ion technology—the sort used to power laptops—to store about 10 times as much energy as the most common flow batteries on the market. With a few improvements, the new batteries could make a major impact on the way we store and deliver energy

Submission + - Chrono Trigger Location Recreated in Unreal Engine 4

sckirklan writes:

YouTuber praetus uploaded a video a few days ago that details his process in building the iconic Chrono Trigger location using the Unreal 4 engine. The result is predictably gorgeous, and the work praetus put into the finer points of his recreation is easily the most impressive as well. In particular, praetus’ work on the teleporters at the Millennial Fair makes a strong case for a high-definition remake of one of the greatest time travel games of all time.
