
Introduction to SecOps

ECOLE IT – 5SOP – Academic Year 2023-2024 – © All rights reserved


Objectives :
• Be able to define SecOps

• Know the benefits of SecOps

• Be able to implement and pitch SecOps tools



Planning :
• Day 1 : Fundamentals and Introduction
• Day 2 : Security Operations Center
• Day 3 : SecOps Tools
• Day 4 : Use Case Build your SecOps Offer : Build a Security Operations Center (SOC)
• Day 5 : Use Case Build your SecOps Offer : Implement SecOps Tools (SIEM)
• Day 6 : Use Case Build your SecOps Offer : Pitch your Offer



Introduction to SecOps
Objectives : Understand the concept of SecOps, the objectives of the methodology and the benefits



Summary
• Definition of SecOps

• How SecOps relates to DevOps

• Goal of SecOps - integrate security into IT operations

• SecOps vs traditional security model



Security Challenges facing many companies

Global threats

Lack of visibility

Small teams



Definition of SecOps ?
Definition :
SecOps is a methodology that recommends close collaboration between Security and IT Operations teams, with the objective of having a broad set of tools to respond to, and be more proactive about, IT security issues in a company.

Importance :

• IT Security : SecOps teams are tasked with implementing and managing solutions against security threats, risks and vulnerabilities

• Collaboration : Traditional security teams implement tools and procedures to face security issues, but this mostly gives the IT operations teams a hard time and occasions failures, delays, project interruptions and more

• Solution modeling : The SecOps methodology is meant to integrate security by design in every layer of the IT organization with the right tools, and to respond quickly to security issues



Definition of SecOps ?
Key Concepts of SecOps :
The SecOps methodology relies on some key concepts that help accelerate security work and give a better security vision :

• Security scanning
• Continuous Delivery
• Security as Code
• Incident Response
• Threat modeling
• Security Automation
• Collaboration



How SecOps relates to DevOps
What’s DevOps ?
DevOps is a combination of development and operations that increases the efficiency, speed, and security of software development and delivery compared to traditional processes.

DevOps description :
DevOps represents a culture and unique software development philosophy that involves specific technical practices. DevOps makes it possible to communicate, automate, and integrate across all the teams required to develop, test, implement, and maintain a dedicated software solution.

DevOps Goals :
• Create robust and scalable infrastructure : The main goal of DevOps is to develop sustainable infrastructure for specific applications and ensure high availability and scalability.
• Faster time to market : One objective of DevOps is to automate repetitive tasks like reporting and testing to speed up the process and deploy more.
• Enable collaboration across teams : To automate repetitive tasks across processes, you need collaboration between the teams in charge of those tasks, such as development, testing and deployments.



The goal of SecOps
Concepts :
• Security scanning
• Security as Code
• Collaboration
• Continuous Delivery

Objective :
• Operational Efficiency
• Security Compliance
• Reduce cost associated with security breaches

Main Goal :
• Secure by design



The benefits of SecOps

Reduced Risk of Cyber Threats
SecOps helps organizations identify and mitigate security risks before they escalate into significant incidents by adopting a proactive and collaborative approach.

Improved Operational Efficiency
When IT security and operations teams work together, they can streamline processes, share expertise, and make better-informed decisions, ultimately improving overall organizational efficiency.



The benefits of SecOps

Enhanced Compliance
SecOps ensures that organizations adhere to regulatory requirements and industry standards, reducing the risk of costly fines and reputational damage.

Better Incident Response
A well-defined SecOps framework can help organizations respond to security incidents more effectively, minimizing downtime and business disruption.



Some of the Security enemies

Vulnerability
• Vulnerabilities are weaknesses that can be exploited
• It can be technical or not
• Natural accidents (Fire, Flood…)
• Technical vulnerabilities are bugs in code or an error in some hardware or software
• Human vulnerabilities are everyone who can be in contact with your IT systems (standard employees, maintenance…)

Threats
• A threat is anything that can exploit a vulnerability (Example: an attacker…)
• Threat motivations can be multiple
  • Data
  • Money
  • Computer Resources
  • Chaos

Risks
• A risk is the probability of a negative event occurring
• A risk is usually a sum of a threat and a vulnerability
• A threat using a vulnerability to attack (Phishing attacks, Ransomware…)



SecOps vs traditional security model
Exercise
You are security consultants working for a retail company. You were called in to audit security risks and propose how to improve the security posture and organisation.
The company has several websites and was the victim of a big ransomware attack in the past few years. This attack used a security breach on a server running an old OS version.
The company uses standard security mechanisms such as a firewall and a Layer 7 WAF, but with a single open-to-everything rule.
The server was not compliant with the company's security policy, but the security team was not aware of the situation and the team operating the system was not aware of the company's security practices.
This server hosts every critical workload of the company, and new feature deployments take 2 weeks because they involve a lot of repetitive tasks.

Context :
You are preparing a meeting with your customer after the discovery of the use case. Identify why your company is implementing security, which assets need to be protected by security, which mechanisms are in place to protect those assets, who is in charge of security, what the pain points in implementing security are, and what can be improved to address those pain points.

Objective :
Make a simple description of the company’s security posture: what is good, what is not good, and some potential solutions

Expected :
Slides with a quick presentation (15 min) of your report

Group : 1 person

Remark : No precise technical solution is expected; the aim is to draw up a map of the elements to be protected in the processes in place, the problems linked to these processes and the elements that can correct them.
SecOps vs traditional security model
Traditional Security Model :
• Security team separate from IT operations
• Focus on perimeter defense
• Manual Processes
• Late in process
• Reactive and responsive

SecOps :
• Security integrated with IT operations
• Security by design
• Automation of security
• Agile Development
• Proactive Security



Avenue Alan Turing - 59410 Anzin – France
+33 3 74 01 09 84 - contact@ecole-it.com

www.ecole-it.com
