ArcSight SOC Process Framework.jpg

The Security Operations process framework for a typical ArcSight-powered and built Security Operations Centre

  • Mark, are you willing to share the hidden 16th process?

  • Thanks for pointing out my deliberate mistake. That just goes to prove I can't count and that the list of core processes applicable to each enterprise does tend to get customized.

    For example, in ITIL-encumbered SOCs (not always a good thing to tie up agile security practice with ITIL rigidity - but that's another story) where they are running a business chargeable operation we sometimes have Service Management as one of our key SOC processes in the business category. Supporting procedures would be Service Catalog Mgt, Service Delivery etc.



    (That should get me back to 16)