Security Operations Center (SOC)

Security Operations Center (SOC)

A Security Operations Center is a centralised team and facility that monitors, detects, analyses and responds to security events across an organisation. It typically uses SIEM, SOAR, threat intelligence and incident response processes. Consensus is that an effective SOC must be integrated with IT operations and backup/cyber recovery teams so that detection, containment and recovery are coordinated rather than siloed.