๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Intermediate

What is SOC (Security Operations Center)?

A centralized team and facility responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats 24/7.

A SOC continuously monitors an organization's IT infrastructure for security threats. SOC analysts use SIEM tools, threat intelligence feeds, and security automation to detect and respond to incidents. SOCs typically operate in tiers: Tier 1 (alert triage), Tier 2 (investigation), Tier 3 (threat hunting).

Key SOC functions include real-time monitoring, incident response, threat hunting, vulnerability management, and compliance reporting. Modern SOCs increasingly use automation (SOAR โ€” Security Orchestration, Automation, and Response) to handle alert volume.

Related Terms

Secret Management
The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
DAST (Dynamic Application Security Testing)
Testing a running application from the outside by sending malicious requests to discover security vulnerabilities.
Certificate Pinning
A security technique that associates a host with its expected TLS certificate or public key, preventing man-in-the-middle attacks with fraudulent certificates.
Zero Trust
A security model that requires strict identity verification for every user and device, regardless of their network location.
XSS (Cross-Site Scripting)
An attack that injects malicious scripts into web pages viewed by other users, potentially stealing data or session tokens.
View All Security Terms โ†’