The security management platform is not equal to SOC!

Source: Internet
Author: User

I had a training session last week and talked about the SOC and security management platform. I once again stressed that the security management platform is not equal to the SOC!

I have already said this, and it is necessary to give it a try again.

Internationally, the general description of SOC is defined as a team in a relatively fixed place, continuously monitors and maintains the network infrastructure and its business security status according to the established procedures and methods. Obviously, SOC, namely Security Operations Center and Security operation Center, includes people, premises, management objects, management methods, processes and tools. SOC is more about a place, similar to XX Information Center and XX network center. The first thing we can see is a building and then an organizational unit.

In fact, the definition of SOC is the same no matter in China or abroad, and the definition of SOC in China is also described above.

The definition of the Security Management Platform generally refers to the key process with assets as the core and security event handling as the core, A security operation monitoring, risk measurement, and security O & M platform for information assets guided by security risk management.

The Security Management Platform refers more to technologies and tools in SOC. If there are three parts of SOC: people, processes, and technology, the security management platform is just T, and even the complete set of T cannot be built. T in SOC is not only a platform, but also a set of tool kits.

All in all, the security management platform is not equal to SOC! You can understand the Security Management Platform as a part of SOC, the Technical Support Platform of SOC.

Unfortunately, in the process of introducing SOC to China, the two are gradually equivalent due to misunderstanding and simplification. Now, we sometimes mature our security management platform as SOC. I think there is nothing to say, as long as we understand the real difference between them.

Nowadays, the traditional definition of SOC is also changing, and the definition of SOC is not so obvious. Some people have proposed the concept of Virtual SOC; the traditional definition of the Security Management Platform is also changing, but in any case, the security management platform is not equal to SOC, and so will it be in the future.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.