01-26-2022, 12:33 AM
(10-01-2021, 01:01 PM)robvanos Wrote: It’s been 5 years since the initial release of the SOC-CMM. In the past 5 years, the SOC-CMM has evolved from a thesis project to a fully featured self-assessment for Security Operations Centers. The SOC-CMM has found its way into SOCs all around the world, helping security teams mature and professionalize their security operations globally.
Today, I’m happy to announce a new beta release of the SOC-CMM. This release features many enhancements that were introduced in the SOC-CMM4CERT. New elements have also been introduced, mainly in the process domain. With these additions, the SOC-CMM now features Mitre ATT&CK, visibility, detection engineering, adversary emulation and automated defence testing. There are still many more improvements and changes that I initially envisioned for this version, but development takes a lot of time and effort.
If you come across any issues, please let me, preferably through a reply to the post. I’m planning to finalise the product based on your feedback for an official release by the end of this year.
Any update on when this version will be released officially and out of beta? I'm currently taking MGT551: Building and Leading Security Operations Centers and have an OKR to utilize SOC-CMM to do a self assessment in Q1 of 2022. I currently plan to utilize version 2.1, but some of the improvements listed in this version (specifically additional guidance around the capabilities) are making me re-consider using this version as it will be our first time going through the assessment.
Will download this beta version and look through it for now - appreciate any feedback.
Thanks in advance!