Chapter 8

Threat Hunting and Incident Response

If some animals are good at hunting and others are suitable for hunting, then the gods must clearly smile on hunting.

—Aristotle

One of the staple services found in mature security operations centers around the world is incident response. Every organization has the expectation that the SOC will jump into action when a cybersecurity incident occurs. Who do you call when malware is found? The SOC! Who do you call when phishing attacks are identified? The SOC! Who do you call when data has been stolen? The SOC! The SOC is the organization’s defense against cyberthreats. The key to the SOC’s success when initiating its incident response service is ensuring the right processes are followed, as each incident ...
