Data & Spec Sheet January 01, 2013

RSA SECURITY OPERATIONS MANAGEMENT: Orchestrate Intelligence, Process, and Resources in the SOC

As customers implement SOCs, a framework is required to seamlessly orchestrate the multiple roles, processes, and technologies. This framework should transform the overall SOC to be a consistent and predictable business process.


Advanced Persistent Threats (APTs) are the one constant and enterprises are centralizing incident-response teams to detect and respond to them. The Security Operations Center (SOC) is the centralized incident-response team reporting through the CSO/CISO and consisting of people, process, and technology.

As customers design and deploy a SOC, there are challenges. Today, SOCs are event- focused and reactive because there is no centralization of alerts and incident management. Additionally, the incident-response team lacks business context, process, and people collaboration.