Not every organization that needs a security operations center can afford to equip and staff one. If you don’t currently have your own SOC, you are probably thinking of ways you can obtain one without building it from scratch. The on-premises version can be pricey, more so once you factor in the staffing costs to man it 24/7. In the past few years, managed security service providers (MSSPs) have come up with cloud-based SOCs that they use to monitor your networks and computing infrastructure and provide a wide range of services such as patching and malware remediation.
Since I first wrote this piece back in 2019, the SOC-as-a-service (SOCaaS) industry has matured to the point now where the term is falling into disfavor as managed services vendors have become more integral to the practice. As cloud-based security tools have gotten better, data centers and applications have migrated there as well. Some of the services I discuss in this updated article fo CSOonline call themselves SOCaaS, while others use other managed services designations. I cover what they offer and how to pick the right supplier for your particular needs.
And to help you evaluate your own SOCaaS providers, I wrote this 2019 article that outlines what you should have in your RFPs.