SOC
Security Operations Center
Definition
A Security Operations Center is a centralized facility or team responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents on an ongoing basis.
Buyer context
When buyers compare SOC providers, the practical question is which SOC functions are included: monitoring only, alert triage, investigation, containment, incident response, detection engineering, reporting, or full day-to-day operation. A provider can call something a SOC service while leaving response authority, tool ownership, or remediation work with the customer.