Security Operation Center (SOC) Policies and Procedures
SOC On-boarding process
Use case sheet
Centralized Repository
Prerequisites
Integration
Project Plan
Automation
SOC Model
Partially Outsourced
Centralized Model
Hybrid Model
Standalone Multiple SOC
Follow the Sun Model
Multi-Tiered SOC Model
Reporting
SOC Sizing
Technology cost
Services cost
Process cost
Facility cost
People cost
Budgeting forecasting
Budget alignment
Return on Investment (ROI)
Reporting
Technical Reporting
Trend Reporting
Management Reporting
Use case validation based on red/blue/purple team
Centralized Repository
Integration of SOP repository
Resource On-boarding Process
Monitoring Specific
Deployment Specific
Tooling Specific
Test Environment
1 week basic training
Team segregation
Job Descriptions
Use case SOP Repository
Backup resource plan
Use case Automation process
Incentives / Certification criteria
Weekly meeting agenda
SOC Repository
Client Specific Repository
ClientA_Rep
ClientB_Rep
ClientC_Rep
Policies and Procedures
Operational Repository
Business and Technology
Analytical Repository
Functional Repository
SOC Policies & Agreements
Technology
IDPS Tools
SIEM Tools
Security Monitoring Tools
Automation and Orchestration Tools
SOC Services
Threat Intelligence
Threat Hunting
Security Analysis
Vulnerability Management
Security Incident Management
Log Management
Security Monitoring
SOC Customer
Document all/main customers
Service Level Agreement (SLA)
Frequency of Reporting
Priority Level among customers
Charter
Regular update of charter
Familiarize all stakeholders with charter
Formal Charter document
SOC Resources
FTE
Threat Intelligence Analyst
Security Architect
Data Scientist
Security Specialist
SOC Manager
Security Engineer
Team leader
Security Analyst
Incident Handler
Incident Manager
Penetration Tester