Operationalizing our custom “SOC in a Box” at the RSA Conference 2024

Cisco engineers often face the challenge of setting up a Security Operations Center in two days at global events. Aditya Sankar explains the process with our “SOC in a Box” in this blog.

Secure Firewall & Multicloud Defense: Secure Connectivity With Simplified Policy Across Clouds

Learn how Cisco is bringing on-prem and cloud security together into a unified platform to marry the power of Cisco Secure Firewall and Multicloud Defense.

Cisco Hypershield – Our Vision to Combat Unknown Vulnerabilities

Cisco Hypershield can help protect organizations agains unknown vulnerabilities by detecting and blocking unknown vulnerabilities in runtime workloads.

Cisco & Splunk: A Complete SOC Platform Purpose-Built for the AI-Driven Future

We're excited about the integration of Cisco XDR and Splunk Enterprise Security, creating a SecOps platform that can grow with customers as needs change.

Supercharging Cisco XDR with AI and Identity Intelligence at RSAC 2024

Cisco XDR is a leader in providing comprehensive threat detection and response across the entire attack surface. We’ll be showcasing new capabilities that will give security teams even more insight, a… Read more on Cisco Blogs

Sign up for a Tour at the RSA Conference 2024 SOC

Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference, as seen in the NetWitness platform. Engineers will be using Cisco S… Read more on Cisco Blogs

RSA Conference® 2022 Security Operations Center Findings Report

NetWitness and Cisco released the third annual Findings Report from the RSA Conference® 2022 Security Operations Center (SOC).

The RSA Conference® SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference.

The role of the SOC at RSA Conference is an educational exhibit sponsored by NetWitness and Cisco. It has elements of a SOC like you would create to protect an organization. The RSAC SOC coordinated with the Moscone Center Network Operation Center for a SPAN of the network traffic from the Moscone Center wireless network. In the SOC, NetWitness had real time visibility of the traffic traversing the wireless network. Cisco provided automated malware analysis, threat intelligence, DNS visibility and Intrusion Detection; brought together with SecureX.

The goal of the RSAC SOC is to use technology to educate conference attendees about what happens on a typical wireless network. The education comes in the form of daily SOC tours and an RSA Conference® session. You can watch the replay of the ‘EXPOSURE: The 3rd Annual RSAC SOC Report’ session here.

The findings report addresses several security topics, including:

• Encrypted vs. Unencrypted network traffic
• Cleartext Usernames and Passwords
• Voice over IP
• Threat Hunting
• Malware Analysis, through the NetWitness® integration
• Malicious Behavior
• Domain Name Server (DNS)
• Automate, Automate
• Intrusion Detection
• Firepower Encrypted Visibility Engine (EVE)
• Firepower and NetWitness® Integration

Look forward to seeing you in 2023!

Download the RSA Conference® 2022 Security Operations Center Findings Report here.

Acknowledgements: Our appreciation to those who made the RSAC SOC possible.

NetWitness Staff

Percy Tucker

Steve Fink

Bart Stump

Dave Glover

Cisco Staff

Jessica Bair Oppenheimer – Cisco SOC Manager

Ian Redden – Team Lead & Integrations

Aditya Sankar / Ben Greenbaum – SecureX & Malware Analytics

Alejo Calaoagan / Christian Clasen – Cisco Umbrella

Dinkar Sharma / Seyed Khadem-Djahaghi – Cisco Secure Firewall

Matt Vander Horst – SecureX Orchestration

Doug Hurd – Partnerships

Hardware Support

Eric Kostlan

Navin Sinha

Zohreh Khezri

Eric Goodwin

Gabe Gilligan and the amazing staff at XPO Digital!

---

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn