From drowning in alerts to producing intel, the SOC's journey. Ditch the grind, beyond alerts, produce intel. Transform your SOC into a strategic intel asset, boosting security and happiness. #SOC #Cybersecurity #ThreatIntel
This might be the overlooked part of a SOC function. SOC can be a data source for intel directly attributed to threats that are targeting your organization. If this is on the list of priority intelligence requirements, then a workflow to push at least this tactical intel data is required.
I liked how you mentioned transforming this function into a strategic intel provider. I assume that is more achievable because there would be analytics overlap with what a TI analyst would do?
I am wondering what level of operational maturity a SOC would need to widen the scope of pivoting in the analysis.
For those of you interested, we started a little discussion thread around this topic on Substack for free subscribers 🥸