SOC-CMM forum

SOC-CMM v2.2 (beta release)
It’s been 5 years since the initial release of the SOC-CMM. In the past 5 years, the SOC-CMM has evolved from a thesis project to a fully featured self-assessment for Security Operations Centers. The SOC-CMM has found its way into SOCs all around the world, helping security teams mature and professionalize their security operations globally.
Today, I’m happy to announce a new beta release of the SOC-CMM. This release features many enhancements that were introduced in the SOC-CMM4CERT. New elements have also been introduced, mainly in the process domain. With these additions, the SOC-CMM now features Mitre ATT&CK, visibility, detection engineering, adversary emulation and automated defence testing. There are still many more improvements and changes that I initially envisioned for this version, but development takes a lot of time and effort.
If you come across any issues, please let me know, preferably through a reply to this post. I’m planning to finalise the product based on your feedback for an official release by the end of this year.
Change notes (as compared to version 2.1):

Business domain:
- Governance:
  - question 4.10 added (external SOC cooperation)
- Privacy & Policy:
  - questions 5.1, 5.2 and 5.3 added (security policy)
  - question 5.4: additional NIST mapping applied

People domain:
- Employees:
  - questions 1.9 and 1.10 added (KSAOs)
- People Management:
  - questions 3.5 and 3.6 added, renumbering applied (team goals and tracking of goals)
  - questions 3.13 and 3.14 added (multi-team systems and team performance)
- Knowledge management:
  - question 4.4.1 added, renumbering applied (employee abilities)

Process domain:
- Operations and facilities:
  - question 2.1.6 added (OPSEC program)
  - questions 2.3.2, 2.3.5, 2.3.9 added, renumbering applied (war room, physical storage, remote working)
  - question 2.4.2 added, renumbering applied (vigilance)
- Reporting:
  - question 3.8.6 added (proactive & reactive metrics)
  - questions 3.10.1 and 3.10.2 added (education & awareness)
- Use case management:
  - question 4.1.9 (testing use cases) moved to detection engineering, renumbering applied
  - section 4.2 added (Mitre ATT&CK)
  - section 4.3 added (visibility)
- Detection Engineering & Validation:
  - completely new section

Technology domain:
- Maintenance and support removed from capabilities and moved to maturity (section x.4), renumbering applied. Applies to all technologies.

Services domain:
- Threat Intelligence:
  - question 4.14.25 added, renumbering applied (threat landscaping)
  - question 4.14.31 added (CTI infrastructure management)

Backend improvements:
- calculations improved and simplified
- Index updated from percentage completed to remaining questions
- generic guidance applied for all capabilities (technology & services domain)
- guidance added for new questions

Bug fixes & typos:
- Typos fixed where found
- conditional formatting error fixed

License updated:
- CC BY-SA instead of GPLv3