When Richard asked me to participate as a moderator for the MSSP/SOC Panel I was of course flattered and thrilled to participate!  I’ll be moderating a panel discussion on MSSP and Corporate SOC capabilities.  I’m looking to expose “what works” from each perspective and hopefully we’ll gleam some valuable insight from both perspectives.  Let’s face it most larger organization flip-flop between internal/external capabilities every few years… let’s find out why and what value they gain from each perspective. 

If you’d like your questions, comments addressed in this forum please email or tweet (DM) me and I’ll do my best to incorporate your thoughts!  If you are in the DC area you really should attend this summit - The speakers are some of the best practitioners out there all looking to share techniques for successful detection in their enterprise. 

Event Description:
Following the success of the 2008 and 2009 editions of the SANS WhatWorks in Forensics and Incident Response Summits, SANS is teaming with Richard Bejtlich to create a practioner-focused event dedicated to incident detection operations. The SANS Incident Detection Summit will share tools, tactics, and techniques practiced by more than 40 of the world’s greatest incident detectors in two full days of content consisting of keynotes, expert briefings, and dynamic panels.

http://www.sans.org/incident-detection-summit-2009/