awesome-soc
This compilation collects in-depth resources and field-tested best practices for building and running Security Operations Centers (SOC) and Computer Security Incident Response Teams (CSIRT). Drawing on the experience of SOC/CSIRT analysts and managers, it lays out the essential tools, concepts, and workflows behind detection and incident response work. Key topics include foundational principles, core tooling, IT and security monitoring, management, staffing and training, and more advanced threat intelligence and detection engineering practices. Throughout, the guide points to established frameworks and strategies for running efficient security operations and building robust incident response capabilities.