CFC Evolution
@ducklah @fkclai

Cyber Evolution
Level 1: System Event Monitoring
Start with Anti-Virus and Firewall alerts, working under the Network Operation Centre.
Level 2: Security Monitoring
Introduce log integration with a SIEM product and start playbook development. This is the first stage of establishing a blue team.
Level 3: Security Orchestration
Introduce SOAR and start security automation by integrating the developed playbook into the defense process. Offensive security is introduced at this stage, to know yourself and know your enemy.
Level 4: Threat-Informed Cybersecurity
Develop a threat intelligence capability integrated with threat hunting techniques and behavior-based analysis, to establish a well-rounded, proactive defense strategy.
Level 5: Cyber Fusion Centre
Link with external defensive resources, perform threat analysis, and integrate with the ISAC, contributing to the community.