Abstract
Many enterprises have invested in creating a Security Operations Center (SOC) as a physical or virtual organization, compiling a set of focused people, processes, and technologies to address threats, vulnerabilities, and incident response. This chapter examines two primary tools in use in SOCs—Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR). We’ll be looking at these tools from the perspective of Zero Trust, exploring how together they can improve the effectiveness and efficiency of daily operations in the SOC. But before we can tie these systems together, let’s discuss some of the reasons that SIEM and SOAR tools exist.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
