7–9 Sept 2016
The Technical and Innovation Centre
Europe/London timezone

vSoC: Advanced Virtualised Security Operations Centre for Training and Research

8 Sept 2016, 14:00
30m
Main Auditorium (The Technical and Innovation Centre)

University of Strathclyde, 99 George Street, Glasgow G1 1RD
Main Session

Speaker

Prof. William Buchanan (Edinburgh Napier University)

Description

This presentation outlines the creation of a virtualised security operations centre (vSoC): a virtualised environment that mirrors a real-life networked infrastructure. It integrates logging and intrusion detection systems into a SIEM infrastructure, using products such as HPE ArcSight, Splunk and RSA SA. This allows security analysts to train within a safe environment, while giving researchers and SMEs the opportunity to evaluate their methods within a real-life infrastructure. The presentation will also showcase the integration of CTF (Capture The Flag) and Red v Blue activities, and how these are being used to stimulate engagement and provide an enhanced learning environment. The design will also be outlined, including the use of SDN and Cloud technology to deliver the training infrastructure.

Summary

A practical demonstration of the environment will be included in the talk.

Primary author

Prof. William Buchanan (Edinburgh Napier University)
