A SOC has a traditional structure, but we decided to organise it a little differently from the classic concept. Why is that?

Well, before answering this question, it is necessary to explain the traditional structure, which was inspired by military exercises. So, in a classic SOC, we usually have an attack team, which is the Red Team, and a defense team, which is the Blue Team. In practice, the Red Team explores the environment by attacking threats. It's a team of ethical hackers. Meanwhile, Blue sets up the defences and monitors.

What is the differential of the ISH SOC?

We have an extra team. The Hunt Team. It is a team of professionals who know all the tactics of attack and defence. But they work on what we call blind spots. It will scan what Red could not see, it will check parts of the system where Blue did not establish defences and it will scan what the AI did not check either. In other words, he hunts down anything that goes outside the other teams' monitoring pattern.

That's the way we do SOC. Our security has also evolved to keep pace with the world's transformation into a hyper-connected network.

But why should your company be concerned about this anyway?

It is the subject of our latest article. Read it here.