SOC Maturity Assessment

Initial Stage

Q1. Which of the following scenarios best describe the functioning of your SOC elements, such as reporting, governance, incident management, security analytics, log management, training and education, threat hunting, etc.?
Q2. How does your SOC correlate and analyze event data, IoCs and other security- and threat-related data?

Vulnerable

Q3. What best describes the type of SIEM platform your team uses?
Q4. How are metrics tracked and reported within your SOC?

Secure

Q5. How frequently is your SOC staff trained?
Q6. How is human capital addressed in your SOC environment?

Respond

Q7. How would you define your incident response capability?
Q8. Which of the following technology scenarios best represent your security operations center?

Recovery

Q9. What is your SOC’s relationship with your IT operations?
Q10. What is your approach towards converging security operations with other functions?