Please enable JavaScript.

Coggle requires JavaScript to display documents.

Chapter 1: Cyber Security And Operations Centre - Coggle Diagram

- - - - • Tier 1 Alert Analyst
        
        • Tier 2 Incident Responder
        
        • Tier 3 Subject Matter Expert (SME)/Hunter
        
        • SOC Manager
      - Process in SOC
        
        • Tier 1 Alert Analyst begins with monitoring security alert queues
        
        • Tier 1 Alert Analyst verifies if an alert triggered in the ticketing software represents a true security incident.
        
        • The incident can be forwarded to investigators, or resolved as a false alarm
      - Technology in SOC
        
        •Security Information and Event Management (SIEM) systems:
        
        • Collect and filter data.
        
        • Detect and classify threats.
        
        • Analyze and investigate threats.
        
        • Implement preventive measures.
        
        • Address future threats.