Security Operation Center (computing)
A security operations center (SOC) is an information security function, either within a company or run by a separate organization, that delivers IT security services. It attempts to detect unauthorized access in any form, and to prevent and manage security-related incidents using processes and procedures. Its mission is risk management through centralized analysis, using combined resources consisting of personnel, dedicated hardware and specialized software. Typically, these systems operate constantly. These resources offer continuous event monitoring and risk analysis to detect intrusion and to guarantee protection against it.
Internet security is a resource-intensive task in both time and personnel. Many organizations prefer to outsource this task to specialists in the field. Outsourcing to a security partner allows an organization to lower its IT management costs and focus on its core business. The security partner delivers high-quality service by hiring only the most qualified professionals. Other organizations prefer to build a SOC within their own company so that they can customize it according to their requirements. The SOC monitors and analyzes events from all types of systems, devices and applications, such as user activity, firewall activity, intrusion detection system (IDS) activity, antivirus activity, individual vulnerabilities, etc. These technologies and processes are transient and require that personnel stay abreast of the latest developments.
See also
- Managed Security Services (MSS)
- Cisco Security Monitoring, Analysis, and Response System (MARS)