Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/139386
Title: Model teòric de creació d'un SOC per a entorns al núvol amb les eines natives d'AZURE
Author: Jofre Bravo, Jaume
Tutor: Luis Gargallo, Erik
Abstract: This report presents a theoretical model for implementing SOC services in the cloud for the provision of security to infrastructure systems hosted in Microsoft Azure. An infrastructure model of a fictitious client called ACME is presented; the functioning of a SOC and the tools it can use are briefly described; some possible sources of platform security data are reviewed; and a proposal is made for how this information can be delivered to the SOC for processing. The methodology followed is a theoretical description that deliberately omits specific commercial references beyond the resources native to the Microsoft Azure cloud, so that the text remains agnostic to the tools that are ultimately used to deploy the services and functionalities of the SOC. The result is a report structured in 7 chapters, in which each of the mentioned components is presented and an attempt is made to provide the reader with all the references needed to explore each topic in more depth. The final conclusion of the work is that the amount of information that can be generated from Azure resources, in both logs and metrics, offers two different treatment options: the first, where critical security information is filtered at the source, and the second, where all events are sent in bulk for subsequent processing by the SOC.
Keywords: Cloud; computer security; SOC
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 10-Dec-2021
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es  
Appears in Collections: Final degree projects, research papers, etc.

Files in This Item:
File: jjofrebrTFM0122memoria.pdf
Description: Master's thesis report
Size: 2,56 MB
Format: Adobe PDF