Abstract image of a woman sitting on books and studying on a laptop

Cyber Scotland Connect: What is Security Engineering?

Download as PPTX, PDF
H
Harry McLaren

Harry McLaren is a managing consultant at ECS who gives a presentation on cybersecurity engineering. Cybersecurity engineering involves building systems, deploying configurations, integrating systems, and developing solutions to protect against, detect, and respond to threats. It is important for engineering projects to consider people, process, technology, the end user, support requirements, and how the solution fits within the business and IT strategies. The presentation provides examples of scenario walkthroughs and best practices for engineers, such as using automation, version control, containers, and cloud technologies.

Technology
Related topics:
Information Security
1 of 18
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
What is [Cyber]Security Engineering? Harry McLaren – Managing Consultant at ECS
Harry McLaren •Alumnus of Napier University • Active Student Mentor •Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician
Coming Up: •Definition of [Cyber]Security Engineering •NIST Security Framework •It’s All About the PPTs! •Scenario Based Walkthrough •Best Practices for Engineers in 2018 •Resources ~25mins
Building things to protect, detect, and respond to threats. [Risk Management Control]
Image Source: Fuze
Types of Engineering (Not Exhaustive!) Systems Deployment & Configuration Systems Integration Setup of Automation & Orchestration Solution Development
It’s All About the PPTs! Successful Projects People Process Technology
People & Process • Who’s the end user? • Who’s going to support it? • How extensible is it? • What are the training requirements? • How do people feel? • Building champions! • How does it fit within the businesses IT? • How does it align to the company strategy? • Does it leverage best practices for design/build/deploy? • How resilient to change is the solution?
Scenario Walkthrough 1. Business Has Problem: Security Monitoring Desperate Data Sources, Data Siloed, Cross-Functional Use Cases, Legacy “Big Data” Choose a Technology: 2. Magic??? 3. 1-12 Months Later… Success!
Systems Deployment & Configuration • High/Low-Level Designs • Technical Architecture • Infrastructure Build • Software Deployment • Software Configuration
Integration into Other Systems • Data Collection • Data On-boarding • RESTful API • CMDB (Identities & Assets) • Workflow / Ticketing • Contextual Analysis
Setup of Automation & Orchestration • Automated Build • Auto-scaling • Responsive Actions • Version Control • Configuration Management
Solution Development • Data Analytics as a Service (DAaaS) • Self Service • End-to-End Business Support & Development • Centres of Excellence • Solution Champions
Best Practices for Engineers in 2018 • Outcome based Development (Lean/Scrum/Agile) • Version Control (VCS) • Configuration Management (CMS) • Development & Release Frameworks (Route-to-Live) • Capture Knowledge • Build Lab Environments • Containerisation for Rapid & Mobile Development • Leverage Cloud Agility • Consider Multi-Cloud • Facilitate the Business, Don’t be a Blocker
Resources • Splunk/ Data Analytics • Intro to Splunk • Free 2-day Course • Threat Hunting • Agile based Development • Version Control 101 • Configuration Management 101 • Getting Things Done Methodology • Cloud • Free AWS Tier / Training • Free Azure Tier / Training • Starting with Docker • Starting with Python • Starting with Go
Say Hello! @cyberharibu linkedin.com/in/harrymclaren harrymclaren.co.uk
Cyber Scotland Connect •Community Directed Group (What Do You Want?) Shape Us •Slack! (Website Coming Soon!) Connect with Us •Seeking Contributions (Speaking, Practical Labs, Etc) Share with Us
Cyber Scotland Connect: What is Security Engineering?

More Related Content

PPTX
Big Data For Threat Detection & Response
Harry McLaren
 
PPTX
SIEM Primer:
Anton Chuvakin
 
PPTX
EDR vs SIEM - The fight is on
Justin Henderson
 
PDF
INFOGRAPHIC▶ Protecting Corporate Information In the Cloud
Symantec
 
PPSX
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
PPTX
IBM - Security Intelligence para PYMES
Fernando M. Imperiale
 
PPTX
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
PPTX
Perforce on Tour 2015 - How are You Protecting Your Source Code?
Perforce
 
Big Data For Threat Detection & Response
Harry McLaren
 
SIEM Primer:
Anton Chuvakin
 
EDR vs SIEM - The fight is on
Justin Henderson
 
INFOGRAPHIC▶ Protecting Corporate Information In the Cloud
Symantec
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
IBM - Security Intelligence para PYMES
Fernando M. Imperiale
 
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
Perforce on Tour 2015 - How are You Protecting Your Source Code?
Perforce
 

What's hot (20)

PDF
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
PPT
Top 10 SIEM Best Practices, SANS Ask the Expert
AccelOps
 
PPTX
PaaS security challenges and solutions (salesforce vision)
Olga Lavrentieva
 
PDF
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Anton Goncharov
 
PDF
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24
 
PPTX
Tictaclabs Managed Cyber Security Services
TicTac Data Recovery
 
PDF
Outpost24 webinar - Implications when migrating to a Zero Trust model
Outpost24
 
PPTX
Best Practices for Scoping Infections and Disrupting Breaches
Splunk
 
PPTX
Shared Security Responsibility in the AWS Public Cloud
Alert Logic
 
PDF
Issa symc la 5min mr
ISSA LA
 
PDF
LogSentinel Next-Gen SIEM
Denitsa Dimova
 
PDF
Top 5 Cloud Security Predictions for 2016
Alert Logic
 
PDF
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
PPTX
How to Secure Your IaaS and PaaS Environments
Info-Tech Research Group
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
PDF
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
PPTX
Outpost24 webinar: Risk-based approach to security assessments
Outpost24
 
PPTX
Information Security: Advanced SIEM Techniques
ReliaQuest
 
PDF
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
centralohioissa
 
PPTX
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
Top 10 SIEM Best Practices, SANS Ask the Expert
AccelOps
 
PaaS security challenges and solutions (salesforce vision)
Olga Lavrentieva
 
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Anton Goncharov
 
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24
 
Tictaclabs Managed Cyber Security Services
TicTac Data Recovery
 
Outpost24 webinar - Implications when migrating to a Zero Trust model
Outpost24
 
Best Practices for Scoping Infections and Disrupting Breaches
Splunk
 
Shared Security Responsibility in the AWS Public Cloud
Alert Logic
 
Issa symc la 5min mr
ISSA LA
 
LogSentinel Next-Gen SIEM
Denitsa Dimova
 
Top 5 Cloud Security Predictions for 2016
Alert Logic
 
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
How to Secure Your IaaS and PaaS Environments
Info-Tech Research Group
 
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Outpost24 webinar: Risk-based approach to security assessments
Outpost24
 
Information Security: Advanced SIEM Techniques
ReliaQuest
 
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
centralohioissa
 
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Ad

Similar to Cyber Scotland Connect: What is Security Engineering? (20)

PDF
Devops, Secops, Opsec, DevSec *ops *.* ?
Kris Buytaert
 
PPTX
Software-Engineering-and-Best-Practices.
Ozias Rondon
 
PDF
Configuration management: automating and rationalizing server setup with CFEn...
RUDDER
 
PDF
Configuration management: automating and rationalizing server setup with CFEn...
Jonathan Clarke
 
PPTX
Splunk User Group Edinburgh - September Event
Harry McLaren
 
PPTX
SplunkLive! Paris 2018: Legacy SIEM to Splunk
Splunk
 
PDF
Oracle Systems _ Kevin Mcisaac _ The IT Landscape has changes - have you_.pdf
InSync2011
 
PDF
Coding Secure Infrastructure in the Cloud using the PIE framework
James Wickett
 
PPTX
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
JAXLondon_Conference
 
PPTX
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
Daniel Bryant
 
PDF
The Return of the Dull Stack Engineer
Kris Buytaert
 
PPTX
OWASP - Analyst, Engineer or Consultant?
Harry McLaren
 
PDF
Productivity Engineering: Surviving DevOps
Mike McGarr
 
PPTX
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
Daniel Bryant
 
PDF
The What, Why, and How of DevSecOps
Cprime
 
PPTX
Best Practices for a CoE
Splunk
 
PDF
Why we got to Docker
allingeek
 
PDF
Modern Web development and operations practices
Grig Gheorghiu
 
PPTX
Splunk für Security
Splunk
 
PDF
SFBA Splunk Usergroup meeting March 13, 2024
Becky Burwell
 
Devops, Secops, Opsec, DevSec *ops *.* ?
Kris Buytaert
 
Software-Engineering-and-Best-Practices.
Ozias Rondon
 
Configuration management: automating and rationalizing server setup with CFEn...
RUDDER
 
Configuration management: automating and rationalizing server setup with CFEn...
Jonathan Clarke
 
Splunk User Group Edinburgh - September Event
Harry McLaren
 
SplunkLive! Paris 2018: Legacy SIEM to Splunk
Splunk
 
Oracle Systems _ Kevin Mcisaac _ The IT Landscape has changes - have you_.pdf
InSync2011
 
Coding Secure Infrastructure in the Cloud using the PIE framework
James Wickett
 
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
JAXLondon_Conference
 
DevoxxUK 2016: "DevOps: Microservices, containers, platforms, tooling... Oh y...
Daniel Bryant
 
The Return of the Dull Stack Engineer
Kris Buytaert
 
OWASP - Analyst, Engineer or Consultant?
Harry McLaren
 
Productivity Engineering: Surviving DevOps
Mike McGarr
 
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
Daniel Bryant
 
The What, Why, and How of DevSecOps
Cprime
 
Best Practices for a CoE
Splunk
 
Why we got to Docker
allingeek
 
Modern Web development and operations practices
Grig Gheorghiu
 
Splunk für Security
Splunk
 
SFBA Splunk Usergroup meeting March 13, 2024
Becky Burwell
 
Ad

More from Harry McLaren (20)

PPTX
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
PPTX
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
PPTX
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
PPTX
SOC Fundamental Roles & Skills
Harry McLaren
 
PPTX
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
PPTX
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
PPTX
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
PPTX
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
PPTX
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
PPTX
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
PPTX
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
PPTX
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
PPTX
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
PPTX
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
PPTX
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
PPTX
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
PPTX
Deconstructing SIEM
Harry McLaren
 
PPTX
Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Se...
Harry McLaren
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
SOC Fundamental Roles & Skills
Harry McLaren
 
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
Deconstructing SIEM
Harry McLaren
 
Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Se...
Harry McLaren
 

Recently uploaded (20)

PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
PDF
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Modernising the Digital Integration Hub
Daniel Toomey
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 

Cyber Scotland Connect: What is Security Engineering?

  • 1. What is [Cyber]Security Engineering? Harry McLaren – Managing Consultant at ECS
  • 2. Harry McLaren •Alumnus of Napier University • Active Student Mentor •Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician
  • 3. Coming Up: •Definition of [Cyber]Security Engineering •NIST Security Framework •It’s All About the PPTs! •Scenario Based Walkthrough •Best Practices for Engineers in 2018 •Resources ~25mins
  • 4. Building things to protect, detect, and respond to threats. [Risk Management Control]
  • 6. Types of Engineering (Not Exhaustive!) Systems Deployment & Configuration Systems Integration Setup of Automation & Orchestration Solution Development
  • 7. It’s All About the PPTs! Successful Projects People Process Technology
  • 8. People & Process • Who’s the end user? • Who’s going to support it? • How extensible is it? • What are the training requirements? • How do people feel? • Building champions! • How does it fit within the businesses IT? • How does it align to the company strategy? • Does it leverage best practices for design/build/deploy? • How resilient to change is the solution?
  • 9. Scenario Walkthrough 1. Business Has Problem: Security Monitoring Desperate Data Sources, Data Siloed, Cross-Functional Use Cases, Legacy “Big Data” Choose a Technology: 2. Magic??? 3. 1-12 Months Later… Success!
  • 10. Systems Deployment & Configuration • High/Low-Level Designs • Technical Architecture • Infrastructure Build • Software Deployment • Software Configuration
  • 11. Integration into Other Systems • Data Collection • Data On-boarding • RESTful API • CMDB (Identities & Assets) • Workflow / Ticketing • Contextual Analysis
  • 12. Setup of Automation & Orchestration • Automated Build • Auto-scaling • Responsive Actions • Version Control • Configuration Management
  • 13. Solution Development • Data Analytics as a Service (DAaaS) • Self Service • End-to-End Business Support & Development • Centres of Excellence • Solution Champions
  • 14. Best Practices for Engineers in 2018 • Outcome based Development (Lean/Scrum/Agile) • Version Control (VCS) • Configuration Management (CMS) • Development & Release Frameworks (Route-to-Live) • Capture Knowledge • Build Lab Environments • Containerisation for Rapid & Mobile Development • Leverage Cloud Agility • Consider Multi-Cloud • Facilitate the Business, Don’t be a Blocker
  • 15. Resources • Splunk/ Data Analytics • Intro to Splunk • Free 2-day Course • Threat Hunting • Agile based Development • Version Control 101 • Configuration Management 101 • Getting Things Done Methodology • Cloud • Free AWS Tier / Training • Free Azure Tier / Training • Starting with Docker • Starting with Python • Starting with Go
  • 17. Cyber Scotland Connect •Community Directed Group (What Do You Want?) Shape Us •Slack! (Website Coming Soon!) Connect with Us •Seeking Contributions (Speaking, Practical Labs, Etc) Share with Us

Editor's Notes

  • #6: Image Source: https://www.fuze.com/blog/on-the-Evolving-Cybersecurity-Landscape
  • #10: Image Source: https://southpark.cc.com
  • #11: Image Source: https://aws.amazon.com/quickstart/architecture/splunk-enterprise/