Skip to content
Log in

Security Operations Centre (SOC)

Definition

The dedicated team and technology platform responsible for continuous monitoring, detection, analysis, and coordinated response to security events. May be in-house, co-managed, or fully outsourced.

Related terms

Escalation Path
The predefined chain of notification and decision-making authority that an incident follows as its severity increases. Documented in the IR plan before...
Managed Security Service Provider (MSSP)
A third-party organisation that delivers security monitoring, tooling, and analyst coverage as a contracted service. Used in fully outsourced and co-managed SOC...
Playbook
A documented step-by-step procedure for responding to a specific type of security event. Playbooks standardise analyst behaviour, reduce response time, and ensure...
SIEM (Security Information and Event Management)
A platform that aggregates log and event data from systems, networks, and applications across an environment, correlates events against detection rules, generates...
Threat hunting
A proactive, human-led process that searches for evidence of adversary activity in an environment under the assumption that automated controls have been...

Explained in

  • SOC Structure and the Tier ModelThe dedicated team and technology platform responsible for continuous monitoring, detection, analysis, and coordinated response to security events. May be in-h...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account