SOC – Facility & Technologies

Choosing a SOC facility is an important step and depends upon multiple factors: • Does the facility have permission to run 24x7? • Is it allowed to have two or more internet links in the building for redundancy? • Is the building equipped with the required physical security controls (like CCTV, water sprinklers, fire extinguishers, […]

SOC – SIEM Deployment

A practical and effective implementation of technology (SIEM, UEBA etc.) is the key. Many organizations have had a SIEM system in place for a long time; however, it’s not being used for effective monitoring. It is crucial to keep some basic things in mind while implementing technology: 1) Driver for SIEM Deployment: Organizations should have a clear understanding […]

SOC – Choosing Technologies

SIEM is a core technology in a SOC. However, it’s not the only tool in a SOC; other technologies work in conjunction with the SIEM tool, like SOAR (Security Orchestration, Automation and Response), UBA (User Behavior Analysis), IM (Incident Management) tool, CMDB, Performance Availability and monitoring platform etc. While choosing tools for SOC, it’s vital […]

SOC – Deployment Models

Security Operations Center – Deployment Models. The decision to build a SOC in-house or in an MSSP cloud depends upon multiple parameters: 1) Is there a compliance need to keep the data inside the organization only? 2) In the case of an in-house SOC, are we ready to handle the overhead like compute requirements, resource management, training, resource retention, […]

SOC – Need or Burden?

Do we really need a SOC unit? Should we invest our time, effort and money in building a SOC? Are we really going to get value out of it? Should we just build it for the tick in the box? These questions must be answered first before deciding to build a SOC unit because it requires a considerable […]

SOC Elements

Security Operations Center – SOC Elements. A SOC (Security Operations Center) helps organizations protect themselves from known and unknown threats and improve their security posture. A SOC unit consists of 3 key elements: People, Process & Technology. 1) People: Various roles need to be defined for the SOC to function effectively and to make sure to protect an […]
