A SOC has a traditional structure, but we decided to organize it a little differently from the classic concept. Why?
Well, before I answer that question, I need to explain the traditional structure, which was inspired by military exercises. So, in a classic SOC, we usually have an attack team, which is the Red Team, and a defense team, which is the Blue Team. In practice, Red exploits the environment by attacking threats. It's a team of ethical hackers. Meanwhile, Blue sets up defenses and monitors.
What makes the ISH SOC different?
We have an extra team: the Hunt Team. It's a team of professionals who know all the tactics of attack and defense, but they work in what we call blind spots. They scan what Red couldn't see, check parts of the system where Blue hasn't established defenses, and scan what the artificial intelligence hasn't checked either. In other words, they hunt down everything that falls outside the monitoring pattern of the other teams.
This is our way of doing SOC. Our security has also evolved to keep pace with the transformation of the world into a hyper-connected network.
But why should your company be concerned about this?
It's the subject of our latest article. Read it here.