Security operations center

security operations center (SOC) is responsible for protecting an organization against cyber threats. SOC analysts perform round-the-clock monitoring of an organization’s network and investigate any potential security incidents. If a cyberattack is detected, the SOC analysts are responsible for taking any steps necessary to remediate it. It comprises the three building blocks for managing and enhancing an organization's security posture: people, processes, and technology. Thereby, governance and compliance provide a framework, tying together these building blocks. A SOC within a building or facility is a central location from which staff supervises the site using data processing technology. Typically, a SOC is equipped for access monitoring and control of lighting, alarms, and vehicle barriers.

SOC can be either internal or external. In latter case the organization outsources the security services, such monitoring, detection and analysis, from a Managed Security Service Provider (MSSP). This is typical to small organizations which don't have the resources to hire, train, and technically equip cybersecurity analysts.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.