HackyClub

CFC Framework

@ducklah @fkclai
We recommend the following Cyber Fusion Centre (CFC) Framework:
Offensive Security
Work with business and IT stakeholders to perform security validation on applications, servers, and any devices in the organization, and keep tabs on emerging cyber threats and adversaries' TTPs.
Strategic Threat Monitoring
Evaluate current and emerging security controls, and address control gaps observed from new cyber scenarios. Finally, advise stakeholders of any observed detection and/or control gaps.
24 X 7 Threat Triage
First-line monitoring and vendor service management, supporting security log onboarding and workflow management to enrich cybersecurity use cases and SOPs.
Threat Hunting
Utilize the MITRE ATT&CK framework to advise on internal detection and protection measures. Identify vulnerabilities, attacker trends, and novel malware.
Incident Response
Incident management and oversight of follow-up and remediation actions. Provide timely incident updates to ensure all steps are taken to address potential risk.
Threat Analysis
Perform research on enrichment from technical and intelligence perspectives. Operate threat feeds to conduct threat hunting in SIEM, SOAR, EDR, CASB, CTI platforms, etc.