SOC-CMM forum

Full Version: SOC-CMM v2.2 (beta release)
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
It’s been 5 years since the initial release of the SOC-CMM. In the past 5 years, the SOC-CMM has evolved from a thesis project to a fully featured self-assessment for Security Operations Centers. The SOC-CMM has found its way into SOCs all around the world, helping security teams mature and professionalize their security operations globally.
 
Today, I’m happy to announce a new beta release of the SOC-CMM. This release features many enhancements that were introduced in the SOC-CMM4CERT. New elements have also been introduced, mainly in the process domain. With these additions, the SOC-CMM now features Mitre ATT&CK, visibility, detection engineering, adversary emulation and automated defence testing. There are still many more improvements and changes that I initially envisioned for this version, but development takes a lot of time and effort.
 
If you come across any issues, please let me, preferably through a reply to the post. I’m planning to finalise the product based on your feedback for an official release by the end of this year.
Change notes (as compared to version 2.1):

Business domain:
- Governance:
  - question 4.10 added (external SOC cooperation)
- Privacy & Policy:
  - questions 5.1, 5.2 and 5.3 added (security policy)
  - question 5.4: additional NIST mapping applied

People domain:
- Employees:
  - questions 1.9 and 1.10 added (KSAOs)
- People Management:
  - questions 3.5 and 3.6 added, renumbering applied (team goals and tracking of goals)
  - questions 3.13 and 3.14 added (multi-team systems and team performance)
- Knowledge management:
  - question 4.4.1 added, renumbering applied (employee abilities)

Process domain:
- Operations and facilities:
  - question 2.1.6 added (OPSEC program)
  - questions 2.3.2, 2.3.5, 2.3.9 added, renumbering applied (war room, physical storage, remote working)
  - question 2.4.2 added, renumbering applied (viligance)
- Reporting:
  - question 3.8.6 added (proactive & reactive metrics)
  - questions 3.10.1 and 3.10.2 added (education & awareness)
- Use case management:
  - question 4.1.9 (testing use cases) moved to detection engineering, renumbering applied
  - section 4.2 added (Mitre ATT&CK)
  - section 4.3 added (visbility)
- Detection Engineering & Validation:
  - completely new section

Technology domain:
- Maintenance and support removed from capabilities, and moved to maturity (section x.4), renumbering applied. Applies to all technologies

Services domain:
- Threat Intelligence
  - question 4.14.25 added, renumbering applied (threat landscaping)
  - question 4.14.31 added (CTI infrastructure management)

Backend improvements:
- calculations improved and simplified
- Index updated from percentage completed to remaining questions
- generic guidance applied for all capabilities (technology & services domain)
- guidance added for new questions

Bug fixes & typos:
- Typos fixed where found
- conditional formatting error fixed

License updated:
- CC BY-SA instead of GPLv3
(10-01-2021, 01:01 PM)robvanos Wrote: [ -> ]It’s been 5 years since the initial release of the SOC-CMM. In the past 5 years, the SOC-CMM has evolved from a thesis project to a fully featured self-assessment for Security Operations Centers. The SOC-CMM has found its way into SOCs all around the world, helping security teams mature and professionalize their security operations globally.
 
Today, I’m happy to announce a new beta release of the SOC-CMM. This release features many enhancements that were introduced in the SOC-CMM4CERT. New elements have also been introduced, mainly in the process domain. With these additions, the SOC-CMM now features Mitre ATT&CK, visibility, detection engineering, adversary emulation and automated defence testing. There are still many more improvements and changes that I initially envisioned for this version, but development takes a lot of time and effort.
 
If you come across any issues, please let me, preferably through a reply to the post. I’m planning to finalise the product based on your feedback for an official release by the end of this year.

Any update on when this version will be released officially and out of beta? I'm currently taking MGT551: Building and Leading Security Operations Centers and have an OKR to utilize SOC-CMM to do a self assessment in Q1 of 2022. I currently plan to utilize version 2.1, but some of the improvements listed in this version (specifically additional guidance around the capabilities) are making me re-consider using this version as it will be our first time going through the assessment.

Will download this beta version and look through it for now - appreciate any feedback.

Thanks in advance!
Hi!

I’m expecting to release the official 2.2 somewhere in the next 2-3 weeks. I will do some minor modifications for the official release, but nothing significant. If you have subscribed to the email list, you will receive an email upon release. Otherwise, you can monitor this thread, it will be updated when I release version 2.2.

In the meantime, and as always, suggestions and feedback for improvement is welcome!

Regards,
Rob
The official 2.2 version of the SOC-CMM was released this week and is available on the downloads section of the SOC-CMM site. This thread will be closed.