A Security Operations Centre (SOC) is a physical location that is used as a central point for monitoring, assessing, and protecting the information systems of an organisation. These systems include but are not limited to datacenters, applications, networks, websites, servers, computers and other components. The primary goal of a SOC is to make sure that all IT threats are adequately detected, analysed, communicated, investigated and reported. A SOC ensures that the IT security of the organisation meets a certain standard that is determined by the industry, government, or the organisation itself. A SOC may also be called by names such as:
- Security Defense Centre (SDC)
- Network Security Operations Centre (NSOC)
- Security Intelligence and Operations Centre (SIOC)
- Security Analytics Centre (SAC)
Points to Remember
- SOCs commonly use a combination of solutions and technologies to continuously monitor and gain situational awareness, and to contain and neutralise IT threats such as cyber-attacks or security breaches.
- SOC personnel consist of analysts, security engineers, managerial staff, etc. The staff usually comprises experts in computer engineering, computer science, network engineering, or cryptography.