The future of SOCs: Automation where it matters

2022-07-14 05:00

Like Microsoft's new security patch technology, SOC automation intends to both improve an enterprise's security posture and reduce the burden on security engineers and security analysts.

The real work of the SOC continues to be handled by security engineers who maintain the tools and the security analysts who have the insights that can assess attacks and determine what the organization should do to address threats.

Security professionals are looking for solutions that can help with the workforce issues - automation for manual security tasks, tools that help analysts assess and remediate threats and workflow automation to make processes more efficient.

Correlation links attack points to provide better insight into the attack and graph-based correlation presents the full attack story in a format that allows analysts to easily understand the attack better and faster to respond with more clarity.

By using automation to elevate detection and analytics, level one analyst workflows can be automated, level one analysts can be "Upskilled" and level two and level three analysts can be empowered.

The future is unlikely to be less complex - attacks will continue, hackers will use increasingly sophisticated and clever methods to breach enterprise defenses and the shortage of analysts will not be solved quickly.

News URL

https://www.helpnetsecurity.com/2022/07/14/future-soc-automation/

#automation #SOC