The SOC team's objectives are to reduce the time to detection and rapidly remediate threats within their network. The SOC team faces three major challenges to meeting these objectives:
- Skills: Analysts must understand advanced attacker methods and the technologies
- Tools: Analysts must have the right tools to gather relevant host data and analyze it in time to stop damage and loss
- Process: Current processes are dominated by data collection and searching for known indicators, an approach that is not designed to identify unique, polymorphic attacks
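The process challenge above is easiest to see side by side: a known-indicator search only flags what has already been catalogued, while a behaviour rule catches a recompiled variant of the same intrusion. The following Python is an added illustration, not code from the original text or from any product it describes; every event, hash, host name and rule in it is constructed for the example.

```python
"""Added illustration: why known-indicator search misses a polymorphic variant
while a behaviour-based rule still flags it. All telemetry and hashes below
are constructed placeholders, not real indicators."""
from dataclasses import dataclass, field


@dataclass
class ProcessEvent:
    host: str
    image: str            # full path of the executable that started
    sha256: str           # hash of that executable
    parent: str           # parent process image name
    cmdline: str
    network_dst: list = field(default_factory=list)  # outbound connections made


# Known-bad hash list, as a SOC would import from a feed (constructed value:
# the sample seen in an earlier incident).
KNOWN_BAD_HASHES = {"a" * 64}

# Constructed telemetry: the original sample (ws01), a recompiled variant with a
# different hash but identical behaviour (ws02), and a benign process (ws03).
EVENTS = [
    ProcessEvent("ws01", "C:\\Users\\u\\AppData\\Local\\Temp\\upd.exe", "a" * 64,
                 "WINWORD.EXE", "upd.exe -s", ["203.0.113.7:443"]),
    ProcessEvent("ws02", "C:\\Users\\v\\AppData\\Local\\Temp\\svc.exe", "b" * 64,
                 "WINWORD.EXE", "svc.exe -s", ["203.0.113.9:443"]),
    ProcessEvent("ws03", "C:\\Program Files\\Vendor\\tool.exe", "c" * 64,
                 "explorer.exe", "tool.exe --check", []),
]


def indicator_search(events, bad_hashes):
    """Traditional IOC search: flag only events whose hash is already known-bad.
    Returns the hosts that matched."""
    return [e.host for e in events if e.sha256 in bad_hashes]


def behaviour_search(events):
    """Hash-independent rule: an Office application spawning an executable from a
    user-writable temp directory that then makes an outbound connection.
    Returns the hosts that matched."""
    office_parents = {"WINWORD.EXE", "EXCEL.EXE", "POWERPNT.EXE"}
    hits = []
    for e in events:
        office_parent = e.parent.upper() in office_parents
        temp_path = "\\appdata\\local\\temp\\" in e.image.lower()
        if office_parent and temp_path and e.network_dst:
            hits.append(e.host)
    return hits


if __name__ == "__main__":
    print("indicator search flagged:", indicator_search(EVENTS, KNOWN_BAD_HASHES))
    print("behaviour search flagged:", behaviour_search(EVENTS))
```

Run stand-alone, the indicator search flags only ws01 (the catalogued hash), while the behaviour rule flags both ws01 and ws02 and leaves the benign ws03 alone. The gap between the two lists is the variant a hash-driven process never sees, which is why time to detection stays high when the process is built around indicator search alone.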