Security Operations Center



A security operations center (SOC) is a dedicated site where enterprise information systems are monitored, assessed, and defended. SOC duties include:

Monitoring and Aggregation

The SOC monitors and aggregates logs from the OT/IT infrastructure, applications, and assets (on-premises or cloud).

Logs Storage and Assessment

The logs are stored on a dedicated SIEM to assess the data for threats and suspicious activity.

Threat Identification and Determination

The SOC also monitors applications to identify a possible cyber-attack or intrusion and determine whether it is a real, malicious threat.

Correlation Responsibility

The SOC is responsible for correlating events from the infrastructure, applications, and other assets.


- Incident response protocols
- Consistent review and updates
- Alert protocols