Sign up for class related updates
SOC Class Build and operate SOCs
SOC-class is the Montance® LLC live instructional offering for those seeking to build or mature a Cyber Security Operations Center. Take this class to shorten the learning curve to excellence in your SOC.
The class provides the following:
Guidance on business orientation, use case development, hunting techniques
Reference model for all functions of a SOC: monitoring, response, intelligence, metrics
Guidance on developing internal capability and strategic outsourcing
Detailed discussion of technology, process, and analytical staff relations and optimization
Sequence of actions for building a SOC, or assessing an established SOC's maturity and capability
I have been a student on a course taught by you and teach assistant at events where you have taught. You have an amazing and broad technical knowledge which is combined with a deep understanding of security and its role in the business. You have an outstanding ability to convey complicated technical information to both technical and non-technical audiances. You manage audiences ranging from entry level technical security personnel to executives and CISOs with ease. Your advice and guidance provides superb, cost-effective solutions to real world problems. I have consistently been impressed with your professionalism and knowledge. It was an genuine pleasure to be a student and I wouldn’t hesistate to recommend you to others.
Taz Wake, Security Director Halkyn Consulting Ltd
It's is rare that you come across someone with such exceptional talent and professionalism as Chris. I've had the pleasure of working with Chris for many years as a peer. His ability to breakdown complex challenges in an approachable format makes him an expert in delivering solutions. I highly recommend Chris as an asset to help solve the problems we face in protecting our critical systems against cyber attacks.
Joe Vest, Author (Red Team Development and Operations)
Myself and my staff have had the pleasure of attending training and conferences hosted by Chris. He has a font of knowledge and experience pertaining to multiple domains of information security/security operations. I will continue to recommend my staff and my peers in industry to seek out Chris' training and advice wherever they can get it, via SANS, AND, or directly from Chris.
Nathan Clarke - Advanced SOC Manager at Verizon Australia
As for me, Mr. Crowley's main qualities are sensitivity, care, understanding of business processes, and patience. I had a luck to learn mobile application security from him at SEC575 Sans classes. When you talk with Christopher, it feels like he knows exact answers on questions that you kept inside yourself for a long long time, and you want work hard to learn his wisdom. Furthermore, Christopher is proactive in making people's lives better. While being in classes, I asked a lot of questions and got a lot of answers, and he answered me very patiently, even if my questions are unnecessary or irrelevant. Mr. Crowley's answers are specific, short, deep, and with strict footing on business. He speaks very accurately. Therefore I definitely recommend Christopher Crowley as a well-qualified teacher, and a solid security expert, which level of solidity I cannot even feel, like a grain of sand cannot understand the weight of a mountain.
Simon Lyhin, Deloitte Ukraine
I've been fortunate enough to attend more than a dozen big name cyber security, hacking and forensics courses over the past 9 years. The quality and breadth of subject matter in this SOC course more than equalled any I have done before. Well done Chris
Technologist (infosec, forensics, embedded systems) Canberra
I really recommend this training not only for the ones who start to build the security operations center but also for those who want to check whether the fundamentals, best practises are implemented and followed. It really gives the holistic view for all the activities you need to do, to deliver proper SOC services. Very often it raises the question “is this the best solution for our SOC” pointing out that there are many ways to deliver SOC services depending on the business needs, resources and time. If you are technical specialist, security auditor or security manager and want learn how to deliver SOC services I really recommend this class.
SOC Manager/utility provider Europe
One of the huge things that I took out of the class was the concept of a maturity model and a way to assess the maturity of an organization's security operations using the free open-source SOC-CMM that was introduced. Since taking the class under the SANS umbrella in the summer of 2018 at the DFIR Summit, I have been utilizing and following the updates to the SOC-CMM ever since using it especially in an ISAC that my company belongs to. Besides the SOC-CMM, I have been using other points from the class such as the section on metrics when talking to other members companies in the ISAC and discussing ways to assess and mature their operations. This has been a stepping stone to help prepare our security operations for the upcoming DoD CMMC initiative for contractors and educate our peers within the ISAC. Please keep up the great work!
US Defense Industrial Base (USDIB) and Logistics Contractor
I wanted to let you know that I was able to use material I learned from that class to propose to our upper management what a formalized security team could look like in our environment and some ways we could move forward with that. We are now making progress in making that happen. Thank you for all the work you put in to that class.
Clothing and Adventure Gear Manufacturer
You probably would not be surprised but I keep the books on my desk and every day find some minutes to list pages and read something. I replaced listening to music on my way home to audio from the course. The course as such became my new Bible and sometime I find it addictive. Thanks very much again for given such a valuable information in 5 days.
Global Manufacturer and Retailer
I share all of this only to make this point – never has a track been more relevant, timely, thorough, and pragmatic as I found the course to be. In my opinion, Chris (and I am quite sure an entire team of reviewers) has thought of, considered, and addressed every issue that I have encountered in my journey to standing up an internal SOC at my company.
Food and Beverage Conglomerate
I attended a fantastic course this month on Managing Security Operations taught by Chris Crowley . If you have anything to do with managing a SOC or your organization needs an idea of how to get to the next level...this is the course for you.
Medical Supplier and Innovator
Thanks for the excellent course in San Francisco...Btw, I appreciated how you quickly comprehended and translated specific feedback to general principles, when fielding questions in the class. That is a good skill.
US Department of Defense
SOC Reference Model
The class is not technical in nature, however, it is deeply grounded in technical details. Those details will be elaborated to explain the rationale between choices. This class is more about equiping you on how to make decisions for your SOC, and less about telling you the specific way to do something.
Sign up for class related updates
Online live versions of the class have been delivered since the pandemic affected live training in early 2020. Live online versions are regularly offered. If you want to discuss purchasing just the recording of a previous class, this can be provided on an individual basis.View All Resources