Welcome to Scribd!

Example of SOC RACI With Both Internal Resources of A Given Organization and Pure-Player MSSP

Uploaded by

0% found this document useful (0 votes)

263 views2 pages

The document outlines a RACI (Responsible, Accountable, Consulted, Informed) matrix that defines the roles and responsibilities of both internal and external stakeholders in a Security Operations Center (SOC). It shows that the SOC analyst is primarily Responsible or Accountable for most detection, engineering, intelligence, and reporting activities. The incident manager is typically Accountable or Consulted on incident response and improvement initiatives, while the offensive security expert is usually Consulted on detection capabilities and continuous improvement.

Original Description:

Original Title

Untitled

Copyright

Available Formats

XLSX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as XLSX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as xlsx, pdf, or txt

0% found this document useful (0 votes)

263 views2 pages

Example of SOC RACI With Both Internal Resources of A Given Organization and Pure-Player MSSP

Uploaded by

James Lee

Copyright:

Available Formats

Download as XLSX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as xlsx, pdf, or txt

Jump to Page

You are on page 1of 2

Search inside document

Example of SOC RACI with both internal resources of a given organization an

Organization
Activities SOC Incident Offensive SOC
SOC analyst detection manager security Management SOC analyst
lead expert
Alerts triage (SIEM) I A R
Incident creation (SIRP) for follow-up I I A R
Detection
service Incident validation by organization's SOC team R I I A I
Confirmation of need to escalate the incident to CSIRT team R I A A I
Detection use case opportunities identification C A C R A/C C
Risk-based attack scenarios confirmation, with redteaming I A I R A/C
SIEM rules creation (SIEM search creation and optimization) I A I I A
Detection Service Testing & Tuning
engineering C A A C
SIEM rules maintenance & fix I C A I
Datamodel management I A I A I
Data acquisition and ingestion to the SIEM I A I I A I
Custom playbook development C C C C A I
Automation
engineering Tools integration with orchestrator (ITSM, security C C C C A I
solutions...)
Threat intelligence collection C A I I A I
Security
Intelligence Threat intelligence sources validation C A C I A I
Services Threat intelligence use cases definition C A C I A I
SOC tools (SIEM, TIP, SIRP, SOA, GIT) admininistration I I I I A I
Log Source Heartbeat Monitoring I I I I A I
Administrativ
e Services Log Source Management I C I I A I
SOC tools monitoring I I I I A I
Building and updating KPI C C C C A/R I
Reporting Generating reporting
Services I I A I A I
Acting upon missed SLA C C C I A/R I
Incident handling (CSIRT) I I A I A I
Incident
response Forensics Investigation (CSIRT) I I A I A I
service Improve detection with incident response feedback I R A C A I
Detection capabilities assessment (purpleteaming) R A I R A/C R
Continuous Incident response capabilities assessment (purpleteaming)
improvement I I A R A/C I
Scheduling regular external audits I I I I A/R I
en organization and pure-player MSSP
MSSP
Incident Threat intel SOC SecDevOps / SOC Tools SDM /
handler analyst detection automation Admin project
engineer management
I
I I
I I
I A
C C R A
C I R A
I R I
R I A
R I I
I I R I I
I I R I I A
I I C R I A
I I C R C A
I R I I I A
I R I I C A
I R C I A
I I I I R A
I I I I R I
I I C C R A
I I I I R A
I I I I R
I I I A/R
I I I I R
R I I A
R I I A
C C R C I A
I I R R A
R R R A
I I I I I A/R

Certified Secure Web Application Engineer (CSWAE) Course Outline - Rev.2.1
Document4 pages
Certified Secure Web Application Engineer (CSWAE) Course Outline - Rev.2.1
Zidane Lance
No ratings yet
CIS Controls and Sub-Controls Mapping To ISO
Document47 pages
CIS Controls and Sub-Controls Mapping To ISO
Ronald López
No ratings yet
Hooli Phishing Simulation Report v1.0
Document13 pages
Hooli Phishing Simulation Report v1.0
Jordan
No ratings yet
Pentest Report
Document19 pages
Pentest Report
Muhammad Awais
100% (1)
Computerized System Life Cycle Management
Document107 pages
Computerized System Life Cycle Management
Qc
No ratings yet
Balbix New CISO Board Deck
Document42 pages
Balbix New CISO Board Deck
Sandesh Raut
No ratings yet
Mandiant - Company - Presentation - SHORT - V0.1 MASTER
Document38 pages
Mandiant - Company - Presentation - SHORT - V0.1 MASTER
uakarsu
No ratings yet
Web Application Security Audit Report
Document23 pages
Web Application Security Audit Report
Wieslaw Krawczynski
No ratings yet
Incident Response Playbook: Phishing Investigation (Part 1) : Stop / Remove The User / Identity Off The Potential List
Document4 pages
Incident Response Playbook: Phishing Investigation (Part 1) : Stop / Remove The User / Identity Off The Potential List
fawas hamdi
No ratings yet
IBM QRadar A Complete Guide - 2020 Edition
From Everand
IBM QRadar A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
Cyber Scape
Document1 page
Cyber Scape
mirza sharif
No ratings yet
Pentesting Presentation
Document99 pages
Pentesting Presentation
Maqsood Alam
100% (1)
87 Security Frameworks Slides
Document34 pages
87 Security Frameworks Slides
amit_redkar1986
No ratings yet
Rsa Sans Roadmap To Creating A World Class Soc
Document1 page
Rsa Sans Roadmap To Creating A World Class Soc
Root
100% (1)
Cloud Computing Security Risk Assessment - ENISA
Document125 pages
Cloud Computing Security Risk Assessment - ENISA
Aaron Mangal
No ratings yet
Roadmap To Cyber Security
Document32 pages
Roadmap To Cyber Security
rf
100% (2)
Audit of IT Security 061cab1246c98f6 59791303
Document42 pages
Audit of IT Security 061cab1246c98f6 59791303
PRUTHVI S
No ratings yet
19 1106 Cisa CISA Cyber Essentials S508C 0
Document2 pages
19 1106 Cisa CISA Cyber Essentials S508C 0
Julio Cesar Balderrama
No ratings yet
SANS Security Awareness
Document2 pages
SANS Security Awareness
fredel
No ratings yet
IR Plan Template
Document16 pages
IR Plan Template
Parv Bhardwaj
No ratings yet
Business Continuity & Disaster Recovery: Business Impact Analysis Rpo/Rto Testing, Backups, Audit
Document38 pages
Business Continuity & Disaster Recovery: Business Impact Analysis Rpo/Rto Testing, Backups, Audit
Nazmul Karim
100% (1)
Building Security Into The Software Life Cycle: A Business Case
Document20 pages
Building Security Into The Software Life Cycle: A Business Case
kenny11lee
No ratings yet
Wazuh PCI DSS Guide PDF
Document49 pages
Wazuh PCI DSS Guide PDF
Baha Habib
No ratings yet
Vulnerabilty Tools, Assessment and Their Exploitation at Unit Level
Document18 pages
Vulnerabilty Tools, Assessment and Their Exploitation at Unit Level
Abhijeet Pawar
No ratings yet
IoT Security Checklist Web 10 17 r1
Document39 pages
IoT Security Checklist Web 10 17 r1
Subin
No ratings yet
Best Practices Cyber Security Testing
Document4 pages
Best Practices Cyber Security Testing
theeffani
100% (1)
Cyber Security Employee Awareness Training Program PDF
Document12 pages
Cyber Security Employee Awareness Training Program PDF
Anonymous 2WKRBqFlf
No ratings yet
The Third-Party Incident Response Playbook 841100
Document19 pages
The Third-Party Incident Response Playbook 841100
vdfrveghbauxp
No ratings yet
1 180 Server Hardening Policy
Document1 page
1 180 Server Hardening Policy
logicR
No ratings yet
Cyber Security
Document8 pages
Cyber Security
Mark Gonzales
No ratings yet
Security Operations Center Job Description Templates
Document20 pages
Security Operations Center Job Description Templates
ep230842
No ratings yet
TATA Communications VAPT Service Overview
Document20 pages
TATA Communications VAPT Service Overview
nidelel214
No ratings yet
An IT Security Manager's Checklist
Document4 pages
An IT Security Manager's Checklist
rajunair
0% (1)
Incident Response and Digital Forensics - : Denver Chapter of ISACA
Document67 pages
Incident Response and Digital Forensics - : Denver Chapter of ISACA
Gerardo Pérez
No ratings yet
1) Overview of The Cybersecurity Framework
Document4 pages
1) Overview of The Cybersecurity Framework
Arunim Aich
No ratings yet
Cheat Sheet - Incident Response Log Management
Document1 page
Cheat Sheet - Incident Response Log Management
Lysandra Emylaine Capella
No ratings yet
3rd Party Risk Assessment Questionaire Info Sec
Document50 pages
3rd Party Risk Assessment Questionaire Info Sec
naderkhaled72254
No ratings yet
Web Engineering: Assignment No 3: Firewall
Document9 pages
Web Engineering: Assignment No 3: Firewall
Tabish Noman
No ratings yet
What Is The Secure Software Development Life Cycle - Synopsys
Document2 pages
What Is The Secure Software Development Life Cycle - Synopsys
gong688665
No ratings yet
Vulnerability Scanning Standard
Document7 pages
Vulnerability Scanning Standard
Layer8 IOT
No ratings yet
Cisco Cybersecurity-Management-Programs 1
Document7 pages
Cisco Cybersecurity-Management-Programs 1
api-654754384
No ratings yet
Security Controls To Reduce Risks and Cyber Insurance
Document13 pages
Security Controls To Reduce Risks and Cyber Insurance
Marcio Cassiano
No ratings yet
Cyber Security Awareness
Document30 pages
Cyber Security Awareness
Rajeev Ranjan
No ratings yet
Essential 8
Document8 pages
Essential 8
Fahad Hasan
No ratings yet
Phishing Seminar Report Final
Document25 pages
Phishing Seminar Report Final
Piyush Mantri
100% (1)
Malware Removal Checklist
Document1 page
Malware Removal Checklist
SaileshResume
No ratings yet
ISMS Awareness Training For General Users
Document42 pages
ISMS Awareness Training For General Users
Kamrul Hasan
No ratings yet
RISK BASED CYBERSECURITY FRAMEWORK Exposure Draft June PDF
Document38 pages
RISK BASED CYBERSECURITY FRAMEWORK Exposure Draft June PDF
Zafar Islam
100% (1)
Vulnerability Management Process
Document28 pages
Vulnerability Management Process
Adil Sufyan
No ratings yet
BSI ISOIEC27001 Assessment Checklist UK en
Document3 pages
BSI ISOIEC27001 Assessment Checklist UK en
DanushkaPerera
No ratings yet
Very Important Audit - Checklist
Document28 pages
Very Important Audit - Checklist
shakawath
100% (1)
ISO-IEC 27001 Self Assessment Form
Document3 pages
ISO-IEC 27001 Self Assessment Form
Alea Consulting
100% (1)
Protecting Information From Insider Threats: Solution Guide
Document4 pages
Protecting Information From Insider Threats: Solution Guide
securitybeep
No ratings yet
Automate Response: Did You Know?
Document10 pages
Automate Response: Did You Know?
Sridhar Krishnamurthi
No ratings yet
ISO27k ISMS 4 Generic Business Case 2022
Document6 pages
ISO27k ISMS 4 Generic Business Case 2022
YuckFou
No ratings yet
ISO 22301 A Complete Guide - 2021 Edition
From Everand
ISO 22301 A Complete Guide - 2021 Edition
Gerardus Blokdyk
No ratings yet
Qualified Security Assessor Complete Self-Assessment Guide
From Everand
Qualified Security Assessor Complete Self-Assessment Guide
Gerardus Blokdyk
No ratings yet
PCI DSS Complete Self-Assessment Guide
From Everand
PCI DSS Complete Self-Assessment Guide
Gerardus Blokdyk
No ratings yet
Information Security Policy A Complete Guide - 2019 Edition
From Everand
Information Security Policy A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Vulnerability And Patch Management A Complete Guide - 2021 Edition
From Everand
Vulnerability And Patch Management A Complete Guide - 2021 Edition
Gerardus Blokdyk
No ratings yet
Security operations center A Complete Guide - 2019 Edition
From Everand
Security operations center A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Yabridge VST and VST3 On Linux Definitive Tool
Document3 pages
Yabridge VST and VST3 On Linux Definitive Tool
Nicola Landro
No ratings yet
RecoverPoint For VMs 5.3 Flex Plugin Administrator Guide 01
Document65 pages
RecoverPoint For VMs 5.3 Flex Plugin Administrator Guide 01
oussama
No ratings yet
Readme
Document3 pages
Readme
Eloy Macarlupu
No ratings yet
ERP - Unit 1
Document12 pages
ERP - Unit 1
Karthick Jayaraman
No ratings yet
HP ILO Update
Document5 pages
HP ILO Update
maynarduk
No ratings yet
Cs403 Solved Mcqs Final Term by Junaid
Document52 pages
Cs403 Solved Mcqs Final Term by Junaid
Hammad Ahmed Khan
100% (4)
Chapter 03
Document60 pages
Chapter 03
Benny Supriyadi Siregar
No ratings yet
100127068
Document29 pages
100127068
karthidev
No ratings yet
Project Report On Multiplex - Ticket Booking System
Document32 pages
Project Report On Multiplex - Ticket Booking System
Gaurav Pathak
50% (2)
CSE427 Syllabus
Document3 pages
CSE427 Syllabus
Amit Kumar
No ratings yet
Adv Java
Document46 pages
Adv Java
Patel Deep
No ratings yet
Habitat Display Reference Manual
Document172 pages
Habitat Display Reference Manual
ssladmin
No ratings yet
PASS ADF CICD With GitHub
Document14 pages
PASS ADF CICD With GitHub
PMP Aspirants IMT
No ratings yet
IBM History Flow Visualization Application Linux Linux On Power Power Hard Disk Drive
Document2 pages
IBM History Flow Visualization Application Linux Linux On Power Power Hard Disk Drive
Prabha Karan
No ratings yet
C++ Multithreading
Document7 pages
C++ Multithreading
Kobina
No ratings yet
Class 12 Ip Project
Document21 pages
Class 12 Ip Project
Krish Singh
100% (1)
Big Brother Installation and Configuration Guide
Document60 pages
Big Brother Installation and Configuration Guide
ajfiji
No ratings yet
NXCAD01 07 en HD3D FS
Document3 pages
NXCAD01 07 en HD3D FS
sina
No ratings yet
Foundations For High Scalability in Mule 4 PDF
Document33 pages
Foundations For High Scalability in Mule 4 PDF
cibij
No ratings yet
KOHA-Open Source Integrated Library Software
Document18 pages
KOHA-Open Source Integrated Library Software
Edu Sonico
No ratings yet
Solarwinds Technical Reference: Orion NPM Migration
Document17 pages
Solarwinds Technical Reference: Orion NPM Migration
Francine Herding
No ratings yet
Hack2Secure Web Application Security Testing Workshop LiveOnline
Document5 pages
Hack2Secure Web Application Security Testing Workshop LiveOnline
Anonymous Rp4du2
No ratings yet
Data Generalization
Document3 pages
Data Generalization
MNaveedsdk
No ratings yet
On Line Auction System
Document35 pages
On Line Auction System
zkalel_m
No ratings yet
Umesh Arora
Document6 pages
Umesh Arora
Sanja
No ratings yet
RT Camp Final Placement Notice - 2022 Passing Out Batch Only For Students of Amity Education Group Only For Unplaced & Eligible Students Last Date To Register 19 September 2021 by 10 Am
Document2 pages
RT Camp Final Placement Notice - 2022 Passing Out Batch Only For Students of Amity Education Group Only For Unplaced & Eligible Students Last Date To Register 19 September 2021 by 10 Am
Ravikant Kamavarapu
No ratings yet
M3 - CompOverview 201610
Document82 pages
M3 - CompOverview 201610
Beickert
No ratings yet
Getting Started With Signalr 2 and MVC 5
Document4 pages
Getting Started With Signalr 2 and MVC 5
mansha99
No ratings yet
CCNA Security, Final Exam
Document22 pages
CCNA Security, Final Exam
Marco Antonio Vera Marin
100% (1)