SOC-CMM for CERT
#1
I'm happy to announce the release of the SOC-CMM for CERT, a version of the SOC-CMM specific for incident response teams. Earlier this year, I did a presentation at FIRST.ORG TC on the SOC-CMM. FIRST has expressed interest in the SOC-CMM, especially if it could be made more specific for CERT teams. I have been working on a version of the SOC-CMM that aims at measuring capability maturity in CERT teams. I've used the original SOC-CMM (version 2.1) as a starting point, and combined it with information from various other sources such as NIST SP800-61r2, the CREST incident response handbook, the SIM3 model and the GMU CSIRT social maturity handbook. The result is an assessment tool that allows for in-depth analysis of your CERT team. Some of the improvements made will eventually be integrated into the SOC-CMM.

Some of the major differences between the regular SOC-CMM and this version are:

- General: All questions rephrased to focus on CERT
- Business: 'privacy' updated to more generic 'laws and regulations'
- Process: use cases changed to scenarios
- People: different set of roles, added team and multi-team management
- Technology: added incident tracking system, removed SIEM, IDPS and big data analytics
- Service: removed all services, except for security incident management. Added many capabilities to the list and grouped these capabilities in logical groups

Suggestions for improvement can be made as replies to this post or via any other way. I will make it an official release towards the end of the year after I've processed your comments and suggestions. I'm looking forward to hearing your opinion.


Attached Files
.xlsx   soc-cmm for CERT.xlsx (Size: 1,012.03 KB / Downloads: 279)


Messages In This Thread
SOC-CMM for CERT - by robvanos - 09-06-2019, 08:06 AM
RE: SOC-CMM for CERT - by kvillano - 09-07-2019, 12:18 PM
RE: SOC-CMM for CERT - by robvanos - 09-11-2019, 11:50 AM
