Try our new research platform with insights from 80,000+ expert users
2021-11-22T02:34:00Z

Why a Security Operations Center (SOC) is important?

EB
  • 3
  • 312
PeerSpot user
3

3 Answers

Hasan Zuberi ( HZ ) - PeerSpot reviewer
Real User
2021-11-22T08:39:11Z
Nov 22, 2021
EB
Real User
Nov 22, 2021

@Hasan Zuberi ( HZ ), thank you for your answer! Can you possibly give an example (or two) of how SOC has changed/advanced during the last couple of years?
Thanks

PeerSpot user
Search for a product comparison in IT Alerting and Incident Management
DL
Reseller
2021-11-23T11:39:16Z
Nov 23, 2021
DL
Reseller
Nov 23, 2021

@Evgeny Belenky yeah, "alert fatigue" is also a consequence of the human factor. 

Without a continuous process of SOC software configuration, SOC will face this "alert fatigue" issue. 

One more thing is gaps between different parts of the SOC team. Multi-experts are great, but they can be really expensive and hard to find. 
In real life, the basic SOC team is 5-7 people up to 22-23 years old (yesterday students)  and the Head of SOC somewhere from the Bank Cybersecurity department or from a similar position. 

And in this case, you need to put a lot of resources to build a real SOC team: staff training, team building, inside audits of SOC work. As I said before - People. Because people configure software, mark an alert as false-positive, tick "reviewed" boxes; configure SIEM, EDR, UEBA, etc. So you need to be sure that every member of the SOC team is in the right place with the right set of skills.

PeerSpot user
Jairo Willian Pereira - PeerSpot reviewer
Real User
Top 5
2021-12-10T12:01:19Z
Dec 10, 2021
Find out what your peers are saying about PagerDuty, Atlassian, Splunk and others in IT Alerting and Incident Management. Updated: November 2024.
824,053 professionals have used our research since 2012.
IT Alerting and Incident Management
What are IT alerting and incident management? IT alerting is a process by which the software that is responsible for monitoring the health of an IT system generates alerts that notify the appropriate teams when an incident occurs.
Download IT Alerting and Incident Management ReportRead more