UC Berkeley S.O.C.K
The name SOCK is a play on SOC = Security Operations Center. I currently work as a full-stack web developer for the Information Security Office at UC Berkeley. The main product I work on is the university's proprietary Security Operations Center web application, built on Ruby on Rails and PostgreSQL.
What is a Security Operations Center?
The purpose of a Security Operations Center (SOC) is to identify, investigate, prioritize, and resolve issues that could affect the security of an organization’s critical infrastructure and data. A well-developed and well-run SOC can perform real-time threat detection and incident response, with SOC analysts that can deliver rapid security intelligence to stakeholders and senior management, identifying when an attack starts, who is attacking, how the attack is being conducted, and what data or systems are being compromised.
Tools and Skills Used
A lot of Ruby on Rails in a high-demand enterprise setting. The front end is mainly HTML/CSS, and the back end connects to a PostgreSQL instance. There's also a light dusting of Vue.js.
Features Implemented
- Scripted a synchronization service to interface between our internal databases and ISORA and keep organizations, people, and roles up-to-date. This involved logic to maintain things like group ownership, the hierarchical structure of organizations, etc.
- Implemented server-side table pagination to decrease page load times across the platform.
- Integrated new IDSs (Intrusion Detection Systems).
- Built user history auditing features showing actions, API usage, etc.
- Implemented hot-swappable UI themes.
- Many more.
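As an added illustration of the server-side pagination item above (this is example code written for this page, not code from the UC Berkeley SOC application), the sketch below shows the two things a practitioner cares about when paging an analyst-facing table: the `page`/`per_page` query parameters are untrusted input and must be clamped before they become `OFFSET`/`LIMIT`, and deep pages are cheaper with a keyset cursor than with an offset. It is plain Ruby with an in-memory array standing in for an ActiveRecord relation, so it runs without Rails or PostgreSQL; the `EVENTS` data, the `MAX_PER_PAGE` cap, and the function names are all assumptions made for the example.

```ruby
# Added example, not from the SOC app: hardening and applying server-side
# pagination parameters the way a Rails controller would before handing
# offset/limit to PostgreSQL. Plain Ruby so it runs stand-alone.

MAX_PER_PAGE = 100      # assumed cap; pick whatever your UI can render quickly
DEFAULT_PER_PAGE = 25   # assumed default

# Normalise untrusted query parameters. Anything non-numeric, zero, negative
# or over the cap is clamped, so a client cannot send `per_page=1000000`
# and make the database serialise an entire table into one response.
def page_params(raw_page, raw_per_page, max_per_page: MAX_PER_PAGE)
  page = raw_page.to_s =~ /\A\d+\z/ ? raw_page.to_i : 1
  page = 1 if page < 1
  per_page = raw_per_page.to_s =~ /\A\d+\z/ ? raw_per_page.to_i : DEFAULT_PER_PAGE
  per_page = DEFAULT_PER_PAGE if per_page < 1
  per_page = max_per_page if per_page > max_per_page
  { page: page, per_page: per_page, offset: (page - 1) * per_page }
end

# Offset pagination over an ordered collection. With ActiveRecord this is
# `scope.order(:id).offset(p[:offset]).limit(p[:per_page])` plus a COUNT;
# here an Array stands in for the relation.
def paginate(records, raw_page, raw_per_page)
  p = page_params(raw_page, raw_per_page)
  total = records.length
  total_pages = total.zero? ? 1 : (total.to_f / p[:per_page]).ceil
  rows = records.drop(p[:offset]).first(p[:per_page])
  { rows: rows, page: p[:page], per_page: p[:per_page],
    total: total, total_pages: total_pages }
end

# Keyset ("seek") pagination: instead of OFFSET, which PostgreSQL still has to
# scan past, fetch rows strictly after the last id the client saw. Cost does
# not grow with depth, and the page stays stable while new rows are inserted.
# In SQL: WHERE id > :cursor ORDER BY id LIMIT :limit
def keyset_page(records, after_id, raw_limit)
  limit = page_params(1, raw_limit)[:per_page]   # reuse the same clamping
  cursor = after_id.to_s =~ /\A\d+\z/ ? after_id.to_i : 0
  rows = records.select { |r| r[:id] > cursor }.sort_by { |r| r[:id] }.first(limit)
  { rows: rows, next_cursor: rows.empty? ? nil : rows.last[:id] }
end

# Constructed sample data standing in for a user-history/audit table.
EVENTS = (1..57).map { |i| { id: i, action: i.odd? ? "login" : "api_call" } }

if __FILE__ == $PROGRAM_NAME
  p paginate(EVENTS, "3", "10")[:rows].map { |e| e[:id] }   # ids 21..30
  p page_params("2", "999999")                               # per_page clamped to 100
  p keyset_page(EVENTS, "50", "10")[:next_cursor]            # 57
end
```

The clamping is the security-relevant part: an unbounded `LIMIT` turns a pagination endpoint into a cheap denial-of-service and bulk-export primitive, and a negative or non-numeric `OFFSET` is a database error the user should never be able to trigger. Keyset paging is shown as the alternative for very large tables, where `OFFSET 500000` forces PostgreSQL to read and discard half a million rows per request.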