The SOC is responsible for the continuous identification and remediation of threats that occur on your enterprise network. If this seems familiar, it should be, as this comes from the previous chapter on incident response. Typically, it is your SOC team that will be charged with executing substantial portions of the incident response plan. Therefore, most well-planned SOCs mirror much of the process defined in an organization's incident response plan.
Regardless of the size of your organization, developing an effective security operations center is essential. A security operations center is an incredibly important part of your overall information security program investment and is a key component in ensuring that your organization is properly protected from internal and external threats.
The SOC capabilities that you can implement are directly tied to your organization's personnel resources, funding, and so on. This means that a startup...