Security Operations Center (SOC)
A SOC is a group of people who monitor the security of information systems. It is traditionally linked to cybersecurity monitoring, protection, and security assessment for any kind of asset, such as websites, applications, databases, data centers, servers, networks, desktops and other types of endpoints. They are all monitored, assessed, and hardened.
New activities have emerged, like Managed Detection and Response (MDR), which focuses less on assessing every single element and more on in-depth analysis of essential evidence, with complex analysis of intrusion attempts.
SOC and MDR activities are usually offered by Managed Security Service Providers (MSSP) in many different formats, like internal, external and hybrid. Specific teams like CERT or CSIRT can also be part of SOC teams for certain crisis situations.
A SOC should link people, processes and technologies (ISO 20000) to provide situational awareness through the detection, containment, and remediation of IT threats.
TEHTRIS SOC can deliver day-to-day services by hunting down security issues and by delivering enriched data to identify, analyze, investigate and report incidents. TEHTRIS XDR Platform also has actual partners offering worldwide services like SOC, MDR, security assessments, crisis management, governance, compliance and so on.