Speaker
Prof. William Buchanan (Edinburgh Napier University)
Description
This presentation outlines the creation of a virtualised security operations centre (vSoC): a virtualised environment which mirrors a real-life networked infrastructure. It integrates logging and intrusion detection systems into a SIEM infrastructure, using products such as HPE ArcSight, Splunk and RSA SA. This allows security analysts to train within a safe environment, while giving researchers and SMEs the opportunity to evaluate their methods within a real-life infrastructure. The presentation will also showcase the integration of CTF (Capture The Flag) and Red v Blue activities, and how these are being used to stimulate engagement and provide an enhanced learning environment. The design will also be outlined, including the use of SDN and Cloud technology to deliver the training infrastructure.
Summary
A practical demonstration of the environment will be included in the talk.
Primary author
Prof. William Buchanan (Edinburgh Napier University)