Cloud Computing

RSA Conference™ 2023 Security Operations Center Findings Report


NetWitness and Cisco released the fourth annual Findings Report from the RSA ConferenceTM 2023 Security Operations Center (SOC).

The RSA Conference™­ SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference.

The role of the SOC at RSA Conference is an educational exhibit sponsored by NetWitness and Cisco. It has elements of a SOC like you would create to protect an organization. The RSAC SOC coordinated with the Moscone Center Network Operation Center for a SPAN (Switched Port Analyzer is a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch to be sent to a destination) of the network traffic from the Moscone Center wireless network.

In the SOC, NetWitness had real time visibility of the traffic traversing the wireless network. Cisco provided automated malware analysis, Talos threat intelligence, DNS visibility and Intrusion Detection; brought together with Cisco XDR. Our thanks to community and corporate partners threat intelligence partners, including alphaMountain.ai, IBM X-Force Exchange, Pulsedive and Recorded Future.

Check out this video inside the SOC

The goal of the RSAC SOC is to use technology to educate conference attendees about what happens on a typical wireless network. The education comes in the form of daily SOC tours and an RSA ConferenceTM session. You can watch the replay of the ‘EXPOSURE: The 4th Annual RSAC SOC Report’ session.

The findings report addresses several security topics, as Cybersecurity Awareness Month is a good time to review your best practices, including:

  • Technology Used in The RSAC SOC
  • The Data and examples of Insecurity
  • Integration And Threat Hunting
  • Malware Analysis
  • Domain Name Server (DNS)
  • Intrusion Detection with the Firewall

Download the RSA ConferenceTM 2023 Security Operations Center Findings Report. You can also view the 2022 report.

Look forward to seeing you in May 2024!

Acknowledgements: Our appreciation to those who made the RSAC SOC possible.

NetWitness Staff

Steve Fink

Dave Glover

Iain Davison

Alessandro Zatti

Coody Spooner

Bart Stump

BJ Deonarain

Joseph Murphy

Theodore Hanibal

Kalyan Ramkumar

Cisco Staff

Jessica Bair Oppenheimer                    Cisco SOC Manager

Ian Redden                                          Team Lead & Integrations

Aditya Sankar / Ben Greenbaum           Cisco XDR, Secure Cloud Analytics & Malware Analytics

Alejo Calaoagan / Christian Clasen       Cisco Umbrella

Dinkar Sharma / Adam Kilgore              Cisco Secure Firewall

Brian McMahon                                    Threat Wall


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

Share: