Did You Know Security Engineering Has Hidden Costs?

Security engineers supporting a Security Operations Center (SOC) face the difficult job of providing an appropriate quantity of actionable alerts to SOC analysts. Typically, they are tasked with presenting alerts of interest to the analyst and they accomplish this by managing detection technologies, developing detection content and integrating security context. As they try to maintain the analyst’s console, their duties become overly complicated and riddled with hidden costs.

High Volume Cybersecurity Event Feeds

Recently, I’ve found myself reminiscing about my early experiences as a security operations center (SOC) analyst and how much the industry has changed in the last 15 years. I can’t help but notice that despite all the technology we’ve thrown at the SOC, we really haven’t changed things that much.