seongmin-jeong@home:~$

SOC LAB

Introduction to SOC

  • The structure of a SOC
  • The operation of a SOC
  • SOC Tools/Products
  • How a SOC Analyst should use his tools
  • Frequent mistakes that SOC Analysts make
  • What is a SOC?

    A Security Operations Center (SOC) is the facility where the information security team continuously monitors and analyzes the security of an organization. The main purpose of the SOC team is to detect, analyze and respond to cybersecurity incidents by using technology, people and processes.

Types Of SOC Models

In-house SOC

The enterprise builds its own cybersecurity team. Firms considering establishing an internal SOC should have a budget to support continuity.

Virtual SOC

The security team does not have its own facility and often works remotely in different locations.

Co-Managed SOC

A Co-Managed SOC consists of internal SOC personnel working with an external Managed Security Service Provider (MSSP). Coordination between the two is very important in this model.

Command SOC

A senior group that oversees smaller SOCs in a large region. Organizations using this model include major telecom providers and defense agencies.