Introduction to Security Operation Center

-

 What is SOC / CSOC?

   Some companies called it CSOC but most people have known it as SOC. This SOC word abbreviates as  Security Operation Center or when about CSOC it abbreviates as Cyber Security Operation Center.   


                                                 Figure 1 - Security operation Center     


 Why is SOC / CSOC?

Everybody has a question why this type of center is maintained by the companies. The answer is to monitor all the incoming and outgoing data traffics, employees' activities, the behavior of the information systems and network to see whether are there any kind of vulnerabilities or suspicious activities are there. If there is something fishy, cyber security analysts need to report them to the liable authorities. 

To find these vulnerabilities and other kinds of things employees of the security operation center need to follow different types of techniques, tools, and procedures. Among the techniques, some of them are threat hunting, penetration testing, and vulnerability assessment. Nmap, Maltego, Wireshark, Burpsuite, Metasploitable framework can be named as the often use tools.     

 What are the different approaches?

There are different approaches are available in the Security Operational Center. They are centralized, distributed, in-house, constituency, managed, and hybrid. For all of these, there are different kinds of backgrounds are available.    

  • Centralized  - here there is one team and one central location which is close to HQ. This is the most common approach for the SOC and it will be available 24 x 7 and this is the most feasible way to conduct SOC.                                                            
  • Distributed - there are multiple teams are available to conduct SOC operations in different locations. But their goal is common and it can be available 24 x 7 or 8-hour shits that follow the sun.   
  • In-house - in this approach, staff are the insiders and they are dedicated to the different tasks. They know the company environment better than anyone because they have access to all the systems.          
  • Constituency - here all the things are handled by the external SOC experts. Within that, there are two types as managed and unmanaged. Managed means the write access is available for the devices and unmanaged means no write access is available for the devices.
  • Managed - in this approach, we can see active access on security appliances and a quick start with less apex. But here employees have less environmental knowledge about the scenario.      
  • Hybrid - this approach has the set of qualities that we can find in the other approaches and because of that, this is a hybrid version. Here we can see that centralized control and the quickest detection response time.         
                                                



What are the techniques and procedures in SOC?

Within the SOC there are different kinds of techniques procedures use to achieve the goal. And all the things are handled according to that. 

      Scanning - network scanning

                      vulnerability scanning
                      port scanning


        Monitoring - 24 x 7 monitoring
                             real-time monitoring     
                             network monitoring

        Response - automated
                          manual
                          active
                          passive
                          deter
                          block
                          onsite
                          remote  

With all these SOC teams responsible for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations.

Comments

  1. ash_SanAugust 1, 2021 at 8:35 AM

    Valuable ❤️❤️❤️

    ReplyDelete
  2. Ishara WickramathilakaAugust 1, 2021 at 10:11 PM

    ❤️πŸ€—

    ReplyDelete
  3. PiyumaliAugust 4, 2021 at 7:21 AM

    Great

    ReplyDelete
  4. KAVINDUAugust 6, 2021 at 12:35 AM

    😍♥️

    ReplyDelete
  5. UnknownAugust 6, 2021 at 12:35 AM

    Well DoneπŸ‘πŸ»♥️

    ReplyDelete
  6. yasasiAugust 6, 2021 at 12:37 AM

    Great piece🀩

    ReplyDelete
  7. UnknownAugust 6, 2021 at 12:39 AM

    Great work❤️

    ReplyDelete
  8. UnknownAugust 6, 2021 at 12:40 AM

    Excellent work

    ReplyDelete
  9. AnonymousAugust 6, 2021 at 12:42 AM

    Well done!

    ReplyDelete
  10. UnknownAugust 6, 2021 at 12:43 AM

    Great work 😍❤️

    ReplyDelete
  11. UnknownAugust 6, 2021 at 12:46 AM

    Superb πŸ”₯❤️

    ReplyDelete
  12. UnknownAugust 6, 2021 at 12:51 AM

    Superb ❤

    ReplyDelete
  13. AkalankaAugust 6, 2021 at 12:51 AM

    πŸ–€πŸ–€πŸ™Œ

    ReplyDelete
  14. UnknownAugust 6, 2021 at 12:52 AM

    Super ❤

    ReplyDelete
  15. UnknownAugust 6, 2021 at 1:11 AM

    πŸ‘πŸ˜

    ReplyDelete
  16. RavindiAugust 6, 2021 at 1:23 AM

    SuperbπŸ‘

    ReplyDelete
  17. TharushaAugust 6, 2021 at 1:49 AM

    ❤️❤️❤️

    ReplyDelete
  18. UnknownAugust 6, 2021 at 2:09 AM

    NiceπŸ‘

    ReplyDelete
  19. UnknownAugust 6, 2021 at 2:12 AM

    Good work πŸ˜‡

    ReplyDelete
  20. UnknownAugust 6, 2021 at 2:28 AM

    Awesome πŸ‘

    ReplyDelete
  21. HashanAugust 6, 2021 at 2:47 AM

    Good ❤️

    ReplyDelete
  22. UnknownAugust 6, 2021 at 3:08 AM

    Superb πŸ‘

    ReplyDelete
  23. Anoma_RathnayakaAugust 6, 2021 at 4:51 AM

    Really help full article. Well done πŸ–€

    ReplyDelete
  24. UnknownAugust 6, 2021 at 5:14 AM

    Excellent work ❤❤❤

    ReplyDelete
  25. ChathuraAugust 6, 2021 at 5:29 AM

    Interesting πŸ”₯πŸ’–

    ReplyDelete
  26. SamadhiAugust 6, 2021 at 5:36 AM

    ReplyDelete
  27. UnknownAugust 6, 2021 at 6:16 AM

    On pointπŸ‘Œ

    ReplyDelete
  28. UnayaAugust 6, 2021 at 6:54 AM

    Interesting

    ReplyDelete
  29. UnknownAugust 6, 2021 at 7:00 AM

    Good work ❤️

    ReplyDelete
  30. UnknownAugust 6, 2021 at 7:04 AM

    ❤️

    ReplyDelete
  31. UnknownAugust 6, 2021 at 7:48 AM

    Good job❤

    ReplyDelete
  32. UnknownAugust 6, 2021 at 9:39 AM

    good job keep it up!

    ReplyDelete
  33. Sithiji AmarasenaAugust 6, 2021 at 11:43 AM

    Best as always

    ReplyDelete
  34. MadusankaAugust 7, 2021 at 10:20 AM

    ❤️πŸ”₯

    ReplyDelete
  35. UnknownAugust 30, 2021 at 12:25 AM

    Wowww 🀞

    ReplyDelete

Post a Comment

Popular posts from this blog

Introduction to Cryptography

-
Image
What is cryptography A s human beings, we do not prefer to reveal our secret and private communication to outsiders. Because of that we usually send our letters inside an envelope to make sure that the contents of those letters should not disclose to unwanted people until the right persons get them. Likewise, we use the methodology of "cryptography" to ensure the secrecy of our data through online communication. This cryptography method ensures the basic features of secure data communication such as confidentiality, integrity, and authorization. Normally we define cryptography as the study and practice of hiding information from unauthorized persons. This ensures the confidentiality of data by restricting unauthorized persons to our data, ensure the integrity by using the hash functions which can detect whether our data was modified by someone or not, and it ensures authorization and non-repudiation. these are the benefits of cryptography. B efore centuries ago, people felt t
Read more

Ancient Cryptography

-
Image
I n the previous chapter, we discussed the introduction part of cryptography and we understand the eras of cryptography. Today we are going to learn about the ancient cryptography era . Greece T he “Scytale” is the first cryptographic method that we can find when we analyze history. It was used in Greece in about 500 B.C which was developed by Spartans to send and receive secret messages. It is a device like a cylinder. And a strip of parchment uses to write messages on it as wounds in parchment. Once we remove the parchment it becomes an unclear message which is difficult to understand. So, to receive the exact message we should have the same size cylinder. It is a method that is considered as a type of transposition cipher. The problem with this method is there should be the same size cylinder.                                         Figure 1 - Scytale Rome B ut we consider Caesar cipher as the well-organized oldest cryptographic method which has been used in Rome by the empire Juli
Read more

GDPR (General Data Protection Regulation)

-
Image
What is GDPR? G DPR stands for General Data Protection Regulation, which is a regulation established by the European parliament in April 2016. Under this regulation, it describes how companies need to secure the details of the European citizens' private sensitive data. The Information Commissioner's Office (ICO) will take control of the GDPR and he will conduct penalties for the companies who violate this regulation.       Why it is important? C ountries like England, France, and Germany consider the privacy of individuals a major concern. They always try to protect the privacy of everyone. So, to do that they have introduced regulations like GDPR. This personally identifiable information are very sensitive and not handling this data properly, leads them to face a different kind of problems. GDPR covers all the European Union countries like Austria, Germany, France, Ireland, Finland, Netherlands .. etc. This GDPR only covers the privacy of the European citizens, but not the res
Read more