The SANS Institute published its annual SOC Survey, a key resource for understanding the evolving landscape of Security Operations Centers (SOCs). This year’s survey highlights critical trends and technologies in cyber defense.
A key takeaway is the growing importance of Endpoint Detection and Response (EDR) technology, which received the highest marks from survey participants. Conversely, generative AI technologies were rated least effective, suggesting ongoing challenges with integrating these tools into SOC workflows.
Another interesting finding is the decline in the use of TLS interception for inspecting encrypted traffic. This raises concerns about the ability of SOCs to monitor potential threats hidden within encrypted communications.
“These findings highlight both the advancements and persistent challenges within SOCs,” said Chris Crowley, SANS Senior Instructor and SOC Survey Author. “Understanding which technologies are favored and which ones fall short is crucial for organizations aiming to enhance their cybersecurity posture.”
The survey also explores communication between SOCs and senior management. The report found that 67% of SOCs provide metrics to justify their resource allocation.
The SANS Institute encourages cybersecurity professionals to attend a webcast to learn more about the survey results and gain valuable insights for improving their SOC operations.