, Positive Technologies, The Standoff — 2018-, Positive Hack Days. , SIEM- (MaxPatrol SIEM), (PT Network Attack Discovery) (PT MultiScanner). , , , , , , . ( ): 2018 12 , MaxPatrol SIEM «» 20 000 EPS, PT Network Attack Discovery 3 , , (-, , .), .
«» SOC The Standoff PHDays: PT Application Firewall PT Industrial Security Incident Manager. . , ó ( 18 , SOC), . , , . , . — , , , The Standoff .
, , The Standoff , — , . - .
Purple teaming
, (123 ) — . SOC , threat hunting , , , kill chains . : , , , . , , .
, — The Standoff SOC 24 , . , , SOC, The Standoff : , . .
24/7 , (, , ). — , red teams. , . , , , The Standoff. , , blue teams, .
, The Standoff , , purple teaming — , , — . SOC , .
« »
, SOC?
( ) PT Application Firewall. SOC MaxPatrol SIEM, . SOC PT Network Attack Discovery, SIEM- , . , , PT Industrial Security Incident Manager. , SOC – PT Sandbox, . PT Sandbox , red teams .
, . , , , «». . , (), .
, , , . «» , - , , . SOC 100% , , , , , — , , . SOC , , , , , - PT AF.
MaxPatrol SIEM, PT ISIM PT NAD, , , . .
— — . Red teams . SOC , , , , , , .
200 ( , SOC , ) 21 . , , 11 . 47% — .
, . , , , , . SOC , , , . , , . , . SOC , , . . , , . ( — ), . «» . .
The Standoff
The Standoff . , . , offensive security. , - — , - . , , , , , , , — .
The Standoff PT ESC The Standoff, , SOC . , , .
P. S. , , The Standoff PT ESC, , , , , , , PR-, , , SOC :) , - , — .
: , (PT Expert Security Center), Positive Technologies
6 The Standoff , , . .
, 10 14:00 Positive Technologies , , , Positive Technologies .
SOC, Positive Technologies: MaxPatrol SIEM, PT Application Firewall, PT NAD, PT Sandbox, PT ISIM.