Cyber Security

Security Operations Center

One way to protect a company's IT infrastructure is to set up a SOC (Security Operations Center, Information Security Center).

Examples seem to indicate that creating your own SOC is rarely justified. It is much easier and more profitable to turn to a company that provides SOC as a service. A Security Operations Center (SOC) is a centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organization's security posture while preventing, detecting, analysing, and responding to cybersecurity incidents.

A SOC acts as the hub or central command post, taking in telemetry from across an organization's IT infrastructure, including its networks, devices, appliances, and information stores, wherever those assets reside.

SOC Functions

  • Active monitoring of the IT environment and collection of incident data.
  • Analysis of suspicious events.
  • Responding to threats.
  • Investigation of incidents.