SOC-CMM v2.2 (beta release)
#1
It’s been 5 years since the initial release of the SOC-CMM. In the past 5 years, the SOC-CMM has evolved from a thesis project to a fully featured self-assessment for Security Operations Centers. The SOC-CMM has found its way into SOCs all around the world, helping security teams mature and professionalize their security operations globally.
 
Today, I’m happy to announce a new beta release of the SOC-CMM. This release features many enhancements that were introduced in the SOC-CMM4CERT. New elements have also been introduced, mainly in the process domain. With these additions, the SOC-CMM now features MITRE ATT&CK, visibility, detection engineering, adversary emulation and automated defence testing. There are still many more improvements and changes that I initially envisioned for this version, but development takes a lot of time and effort.
 
If you come across any issues, please let me know, preferably through a reply to the post. I’m planning to finalise the product based on your feedback for an official release by the end of this year.


Attached Files
.xlsx   soc-cmm 2.2 - advanced.xlsx (Size: 1.46 MB / Downloads: 201)
.xlsx   soc-cmm 2.2 - NIST CSF 1.1 - mapping.xlsx (Size: 52.54 KB / Downloads: 164)
#2
Change notes (as compared to version 2.1):

Business domain:
- Governance:
  - question 4.10 added (external SOC cooperation)
- Privacy & Policy:
  - questions 5.1, 5.2 and 5.3 added (security policy)
  - question 5.4: additional NIST mapping applied

People domain:
- Employees:
  - questions 1.9 and 1.10 added (KSAOs)
- People Management:
  - questions 3.5 and 3.6 added, renumbering applied (team goals and tracking of goals)
  - questions 3.13 and 3.14 added (multi-team systems and team performance)
- Knowledge management:
  - question 4.4.1 added, renumbering applied (employee abilities)

Process domain:
- Operations and facilities:
  - question 2.1.6 added (OPSEC program)
  - questions 2.3.2, 2.3.5, 2.3.9 added, renumbering applied (war room, physical storage, remote working)
  - question 2.4.2 added, renumbering applied (vigilance)
- Reporting:
  - question 3.8.6 added (proactive & reactive metrics)
  - questions 3.10.1 and 3.10.2 added (education & awareness)
- Use case management:
  - question 4.1.9 (testing use cases) moved to detection engineering, renumbering applied
  - section 4.2 added (MITRE ATT&CK)
  - section 4.3 added (visibility)
- Detection Engineering & Validation:
  - completely new section

Technology domain:
- Maintenance and support removed from capabilities, and moved to maturity (section x.4), renumbering applied. Applies to all technologies

Services domain:
- Threat Intelligence
  - question 4.14.25 added, renumbering applied (threat landscaping)
  - question 4.14.31 added (CTI infrastructure management)

Backend improvements:
- calculations improved and simplified
- Index updated from percentage completed to remaining questions
- generic guidance applied for all capabilities (technology & services domain)
- guidance added for new questions

Bug fixes & typos:
- Typos fixed where found
- conditional formatting error fixed

License updated:
- CC BY-SA instead of GPLv3