User:LooCipher/sandbox

Managed Secure Operation Centre (SOC) Services
Managed SOC Services are used by organisations that need to enhance their visibility of cyber-security-related events, and that are limited in resources, require much greater scale than their existing IT and people allow, or have operational and business requirements to increase monitoring of threats.

Definition of a SOC according to UK NCSC
The key aims of a SOC are:
 * to detect and respond to threats, keeping the information held on systems and networks secure
 * to increase resilience by learning about the changing threat landscape (both malicious and non-malicious, internal and external)
 * to identify and address negligent or criminal behaviours
 * to derive business intelligence about user behaviours in order to shape and prioritise the development of technologies

Types of services provided by a Managed SOC may include:
 * integration, management and review of traffic feeds
 * protective monitoring
 * initial triage and analysis
 * vulnerability management
 * alerting and response
 * incident management
 * root cause analysis
 * patching & remediation
 * correlation management, Security Information and Event Management (SIEM) tuning
 * continuous improvement
 * key management