Knock Your SOCs Off: Modernizing Security Operations

Kat Sweet

Speaker Bio

Kat Sweet works on the product team of Linux security startup Capsule8 as a technical evangelist. Previously, she was a security analyst at Duo Security, building out their multifaceted security operations program and hand-crafting many puns about zero trust. She keynoted the inaugural DevSecOps Days Austin and has spoken at several security conferences including LASCON, BSidesLV, CircleCityCon, and HOPE, in addition to serving on the staff of BSidesLV since 2017. When she’s not in security mode you can find her bursting into song, picking unsuspecting locks, or dangling upside down.


The model still in wide use for security operations – the tiered SOC in a windowless room staring at a single glass of pain – is a product of technological environments in rapid decline. As infrastructure and organizational structures evolve, so too must the teams responsible for keeping the lights on evolve their people, process, technology, and culture. So what does this look like for those on the ground?


From the brain of a former security analyst building out operations in a cloud-first and zero-trust environment (buzzword bingo cards not provided), we’ll reflect upon what problems we’re trying to solve in security operations and how to reimagine our solutions for the environment in front of us, whether it’s a distributed workforce, shiny new cloud infrastructure mixed with old servers in the basement, or a fleet of unmanaged endpoints. Attendees will gain practical approaches to adapting our own processes and tooling, revisiting our sources of truth, and turning our focus outward to engagement and visibility within the larger org.