Friday, September 7, 2012

The Security Services a SOC should provide

This is a list of basic services a SOC should provide.
Keep in mind that when we talk about SOCs there are two categories: the corporate SOC and the MSSP (Managed Security Service Provider) one.

Security Device Management
This is the primary and basic service of a SOC, and it's usually where a SOC starts from.
SDM is the management of security devices such as firewalls, Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS), proxies, web application firewalls, etc.
The set of managed device types should change depending on what the market requests.

Distributed Denial of Service Mitigation
This service is the mitigation of Distributed Denial of Service attacks. It's usually provided to customers like banks, government, and any customer that derives large profits from its internet services.

Event & Log Management / Collection
This service is more about compliance than security: it's the collection, storage and archiving of logs.

Incident handling
The management of security incidents (security breaches, malware, misuse, etc.). It could include the complete handling of the incident (usually in the corporate SOC) or just the warning.

Security professional services
Among the professional services that could be provided: vulnerability assessment, penetration tests, web application assessment, source code review, etc.

Abuse desk
Management of the "abuse@" mailbox. The abuse mailbox receives any warning or report of abuse originating from the IP range assigned to a customer/provider.
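The first thing an abuse desk has to do with an incoming report is work out which customer the complained-about addresses belong to. As an added example (not code from the original post), this Python snippet extracts IPv4 addresses from a constructed abuse report, validates them, and maps each one to the customer holding the assignment with a longest-prefix match, so that a sub-allocation carved out of a larger block is attributed to the right party. The allocation table, customer names and the report text are all invented for the demonstration.

```python
import ipaddress
import re

# Constructed allocation table (hypothetical customers and ranges from documentation space).
ALLOCATIONS = {
    "customer-a": ["203.0.113.0/24"],
    "customer-c": ["203.0.113.64/26"],   # sub-allocation carved out of customer-a's block
    "customer-b": ["198.51.100.0/25"],
}

# Constructed abuse report, as it might arrive in the abuse@ mailbox.
SAMPLE_REPORT = """From: reporter@example.net
Subject: SSH brute-force from your network
Hosts 203.0.113.77 and 198.51.100.200 hit our SSH service on 2012-09-06.
We saw 203.0.113.77 again later, plus a mangled entry 999.1.1.1 and 192.0.2.1.
"""

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def build_table(allocations):
    """Flatten the allocation dict into (network, owner) pairs, most specific prefix first."""
    table = []
    for owner, cidrs in allocations.items():
        for cidr in cidrs:
            table.append((ipaddress.ip_network(cidr, strict=True), owner))
    table.sort(key=lambda t: t[0].prefixlen, reverse=True)
    return table


def lookup_owner(ip, table):
    """Return the owner of the most specific allocation containing ip, or None if it is not ours."""
    addr = ipaddress.ip_address(ip)
    for net, owner in table:
        if addr in net:
            return owner
    return None


def extract_ips(text):
    """Pull candidate IPv4 addresses out of free text, dropping invalid ones and duplicates."""
    seen = []
    for cand in IPV4_RE.findall(text):
        try:
            ip = str(ipaddress.ip_address(cand))
        except ValueError:
            continue  # e.g. an octet above 255
        if ip not in seen:
            seen.append(ip)
    return seen


def triage_report(text, allocations=ALLOCATIONS):
    """Map every address in a report to a customer; None means the address is not in our ranges."""
    table = build_table(allocations)
    return [(ip, lookup_owner(ip, table)) for ip in extract_ips(text)]


if __name__ == "__main__":
    for ip, owner in triage_report(SAMPLE_REPORT):
        print(f"{ip:16} -> {owner or 'not in our address space'}")
```

Addresses that resolve to None are the second outcome an abuse desk must handle: the report either concerns space that is not the provider's (and should be redirected to the correct holder) or was misaddressed, and in both cases it should not be forwarded to a customer.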

Early Warning
This service works as an early warning for new vulnerabilities and emerging threats.

I suggest you read the following pages on Wikipedia:

Managed Security Services
Security Operation Center (English)
Security Operation Center (more detailed but in Italian; actually, I was the author of the first version of this page)


  1. SOC monitors and analyzes activity on networks, endpoints, servers, databases, websites, applications, and other systems. It looks for anomalous activity that could be indicative of a security incident. The SOC is very much responsible for ensuring that potential security incidents are correctly identified, defended, analyzed, investigated, and reported. Thanks, Charlotte W. from Qld Diamond Security

  2. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.

  3. I recently found much useful information on your website, especially this blog page, among the lots of comments on your articles. Thanks for sharing. internet Service provider

  4. Good article and most important post for me. I am very happy to see your standard post. We also provide SOC Solutions Services at an affordable price. For more information visit our website.

  5. I read this article, it is really informative one. Your way of writing and making things clear is very impressive. Thanking you for such an informative article. Event Security Services Yorkshire

  6. Excellent blog, I read your post, and I got knowledge about the Security Services. You have done excellent work. security camera installation for vacant property. Please keep sharing.

  7. The post you have shared here about Security is really informative. The article in this post explains everything clearly. CCTV Installation Brixton. Thanks for posting such a great post.

  8. The representation of this article is actually superb. Professional K9 Security Service in London. I think this is a genuinely beneficial and instructive article for everyone. I appreciate this kind of writing. Thankful to you for sharing an article like this.

  9. I am very grateful that I found some helpful content during this post. After reading it, I feel that you simply have good knowledge. Thanks for posting it. Keep it up. home security systems toledo

  10. I am grateful for this blog to distribute knowledge about this significant topic. Here I found different segments and now I'm getting to use these new instructions with new enthusiasm. home security systems toledo

  11. Your articles constantly have a decent amount of really up-to-date info. Where do you come up with this? Just saying you are very resourceful. Thanks again. endpoint detection and response charlotte NC