Publication

HANDLING CYBERSECURITY RELATED INCIDENTS IN THE SECURITY OPERATION CENTER OF THE POLYTECHNIC OF LEIRIA

datacite.subject.fos: Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e Informática [pt_PT]
dc.contributor.advisor: Rabadão, Carlos Manuel da Silva
dc.contributor.advisor: Oliveira, Adail Domingues da Silva de
dc.contributor.author: Mateus, Marco Alexandre Clemente
dc.date.accessioned: 2022-02-21T14:12:48Z
dc.date.available: 2022-02-21T14:12:48Z
dc.date.issued: 2021-12-06
dc.description.abstract: In the present day, IT systems are an integral part of most organizations, and play a huge role in their success. With the necessity to connect these systems to the internet to further amplify their benefits and possibilities comes the issue of cybersecurity. Allied to the importance of these systems for the organizations comes the interest of attackers in disrupting these same services. When the number of cyberattacks occurring every day is taken into consideration, and how these might impact organizations, this issue becomes one of the greatest challenges they have to deal with. The problem that this project deals with is fundamentally connected with this issue. With the variety of attacks currently in circulation, Security Operations Centers (SOCs) rely on many different software tools to monitor their systems, which in turn create too much information to be handled individually by security analysts. In this project this issue was analyzed, as well as how it can be handled, since the main objective of this project is to find a solution for the SOC of the Instituto Politécnico de Leiria (IPLeiria), which is facing this very same issue. The proposed solution to this problem is Security Orchestration, Automation and Response (SOAR). SOAR encompasses different concepts that help in creating effective and efficient routines to handle the incidents that a SOC faces on a daily basis. To tackle this problem in the case of the IPLeiria SOC, the solution found relied on the use of a SOAR platform or software. To this end, the different solutions available were analysed, including free and paid software. The choice came down to using a free software called Shuffle in conjunction with TheHive, the case management platform already existing in the IPLeiria SOC. With these two tools, different playbooks were developed to handle the most prominent types of incidents the SOC faces. [pt_PT]
dc.identifier.tid: 202944310 [pt_PT]
dc.identifier.uri: http://hdl.handle.net/10400.8/6695
dc.language.iso: eng [pt_PT]
dc.subject: Cybersecurity [pt_PT]
dc.subject: Security Operations Center (SOC) [pt_PT]
dc.subject: Security Orchestration Automation and Response (SOAR) x Software [pt_PT]
dc.subject: Information security [pt_PT]
dc.subject: Politécnico de Leiria [pt_PT]
dc.title: HANDLING CYBERSECURITY RELATED INCIDENTS IN THE SECURITY OPERATION CENTER OF THE POLYTECHNIC OF LEIRIA [pt_PT]
dc.type: master thesis
dspace.entity.type: Publication
rcaap.rights: openAccess [pt_PT]
rcaap.type: masterThesis [pt_PT]
thesis.degree.name: Mestrado em Cibersegurança e Informática Forense [pt_PT]

Files

Main
Name: Projeto_MarcoMateus_2190376.pdf
Size: 8.44 MB
Format: Adobe Portable Document Format