Focus Area: Security Operations Center

What is Security Operations Center

Today, the Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes for them to decide whether an alert indicates a real cyber-attack or is merely a false positive. In fact, the biggest challenge the security industry is now facing is the lack of qualified experts to deal with the growing number of cyber-threats.

To address this massive skills gap, a new generation of security solutions has emerged recently. Vendors are focusing on filtering out the statistical noise and reducing the volume of security alerts to a manageable number categorized by severity, on improving security analysts’ efficiency with intelligent automated controls and, last but not least, on enabling even non-technical persons to make informed decisions and initiate incident response as quickly as possible. From statistical correlation methods to machine learning algorithms, from risk models to behavior profiling, from threat intelligence to cognitive technologies, there are many exciting new developments in information security that promise to dramatically improve the efficiency of your SOC.

Latest Research, Upcoming Webinars and Events From Security Operations Center

Webinar

Reducing Risk with User Behavior Analytics (UBA)

The business landscape is changing rapidly, with most organizations, irrespective of vertical, transforming themselves into technology organizations. With the adoption of the Internet of Things (IoT), the number of connected entities has increased significantly. Managing identities of people, things and other objects in an automated and predictive manner is becoming the new norm. Simultaneously, the burgeoning number of identities exposes a broader attack surface, posing a big challenge to these organizations and their growth plans.

Executive View

Executive View: Cisco Advanced Malware Protection - 72518

Cisco Advanced Malware Protection (AMP) is an integrated enterprise security intelligence and malware protection solution. By combining global threat intelligence with dynamic malware analysis and continuous endpoint and network monitoring, AMP provides constant visibility and control across all environments before, during, and after a cyber-attack.

Webcast

Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. Attackers are trying to gain access to privileged accounts and hijack them. A key element of counter-measures is implementing a Privilege Management infrastructure that helps monitor, record, and analyze sessions.

Webinar

Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. This extends the risk surface. It is no longer about protecting some centralized servers in a well-secured data center, but about a sprawl of systems and services.

Latest News From Security Operations Center

Blog

Building a Future-proof Intelligent Security Operations Center, Part 2

Security Intelligence Platforms (SIP) are universal and extensible security analytics solutions that offer a holistic approach towards maintaining complete visibility and management of the security posture across the whole organization. Only by correlating both real-time and historical…

Blog

Building a Future-proof Intelligent Security Operations Center

I have to admit that I find the very concept of a Security Operations Center extremely… cinematic. As soon as you mention it to somebody, they would probably imagine a large room reminiscent of the NASA Mission Control Center – with walls lined with large screens and dozens of…

Executive View

Executive View: Microsoft Security Suite - 72541

A comprehensive approach to data protection – one that combines all aspects of computing infrastructure – rather than the point products that comprise many organizations’ cybersecurity environments, is a decided plus, provided the overall goal is achieved.

Webcast

Improving Your SOC Efficiency with Advanced Security Analytics

Today, the Security Operations Center (SOC) is at the heart of enterprise security management. Security analysts in most SOCs are still relying on traditional SIEM systems as a core platform for their daily operations. These are the primary tools to monitor and analyze security alerts…

Webinar

Feb 21, 2017: Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. This…

Blog

The Role of Artificial Intelligence in Cyber Security

Over the last few weeks I’ve read a lot about the role AI or Artificial Intelligence (or should I better write “Artificial” Intelligence?) will play in Cyber Security. There is no doubt that advanced analytical technologies (frequently subsumed under the AI term), such as…

Executive View

Executive View: ForgeRock Access Management - 71316

ForgeRock Access Management is a full-feature Identity and Access Management (IAM) system. It provides numerous authentication options, an adaptive risk engine, identity federation, and advanced policy-based authorization capabilities. ForgeRock supports open standards…

Webcast

Prevent Data Breaches - Moving to a Modern Approach to Breach Avoidance in Three Steps

The biggest mistake you can make is assuming you cannot, or will never, be breached – the challenge for any company is to have a strategy that meets their risk appetite, security measures with a known ROI, a detection plan so that you know before your customers and a mitigation…
