What is a Security Operations Center (SOC)?

A security operations center (SOC) is a hub staffed by security personnel who continuously monitor an organization’s entire IT infrastructure. A SOC collects security event data from applications, security devices, data centers, cloud resources, and other systems via a Security Information Event Management (SIEM) system.

How a SOC Works

SOCs usually operate through a hub-and-spoke model, where the SIEM gathers data from a range of specialised security technologies. Such security tools include:

SOC Components
SOC Components

Types of SOCs 

There are 7 broad categories of SOCs:

  • Dedicated (Self-managed) SOC
  • Distributed (Co-managed) SOC
  • Managed SOC
  • Command (Global) SOC
  • Multifunction SOC (SOC/NOC)
  • Virtual SOC
  • SOCaaS (SOC-as-a-service)

Key takeaways

  • Check icon
    SOCs provide visibility over an organizations entire attack surface.
  • Check icon
    SIEMs feed SOCs with correlated and aggregated data to streamline incident responses.
  • Check icon
    Additional security tools provide threat detection, protection, and analysis capabilities to the SOC.
  • Check icon
  • Check icon
Reviewed by
No items found.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.

More from our blog

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating