Request your report: Enterprise Strategy Group looks at the changing face of Incident Response and how prevention and detection tools and techniques have changed, but while doing so, have left the actual incident response functions behind.
“SOC teams are still responsible for:
- Putting this information in context so it can be analyzed in relation to specific IT assets like networks, endpoints, users, servers, applications, and data.
- Assessing which assets, if any, are vulnerable to identified attacks or have actually been compromised.
- Responding to security events like compromised assets and remediating security controls to block further attacks.”
Source: The Pressing Need to Improve Incident Response, ESG, February 2014