Down the Security Rabbithole Podcast (DtSR)

DtSR Episode 578 - Maybe A Modern Day SOC Discussion

Nov 21, 2023
Experts Jim Tiller and Anton Chuvakin discuss the evolution and challenges of Security Operations Centers (SOC), including the impact of global macroeconomics on security technology, the importance of collaboration between different teams, and the shift towards automation. They also explore false positives and negatives in the modern SOC environment, and the challenges of outsourcing security operations.
INSIGHT

SOC Work Is Half Human, Half Machine

  • Internal SOCs split work between human-driven requests and machine alerts roughly 50/50 in many enterprises.
  • That human-helpdesk function means outsourcing vs in-house differences often blur into similar operational work.
ADVICE

Buy Synthesized Services, Not Slide Decks

  • Look for synthesized outsourced services that combine endpoint monitoring, vulnerability data, and threat detection instead of isolated point products.
  • Choose providers who can deliver confirmed outcomes, not just slide-deck reports.
INSIGHT

Modern SOCs Must Move Beyond NOC DNA

  • Modern SOCs are distinct from NOC/help-desk DNA; treating the SOC like a security help desk misses its automation and pipeline needs.
  • True modern SOCs emphasize automation, code-driven pipelines and fewer manual searches.