SANS 2023 SOC Survey

Download this annual survey from the SANS Institute to gain insights from active SOC managers and analysts around best practices for running a SOC.

Key observations include:

  • The SIEM continues to be the central operating system of the SOC with many respondents citing the SIEM as one of the top technologies/tools for new hires to be familiar with
  • Staff composition, hiring, and retention hinder full utilization of SOC capabilities and there is a strong need for automation to address staffing challenges
  • SOC managers who can show connections from increased investment in the SOC to improvements in business-relevant metrics are in the best position to benefit from increased spending on cybersecurity

Download Now

This field is for validation purposes and should be left unchanged.

About CardinalOps:

Founded by security experts with nation-state expertise and led by executives from industry leaders such as Palo Alto Networks, Microsoft Security, and IBM Security, CardinalOps is focused on maximizing the effectiveness and efficiency of your existing security stack. Using automation and MITRE ATT&CK, the CardinalOps platform continuously assesses your detection posture and eliminates coverage gaps in your existing SIEM/XDR so you can easily implement a threat-informed defense. What’s more, it improves detection engineering productivity by 10x and drives cost savings by recommending new ways to tune noisy and inefficient queries, reduce logging volume, and eliminate underused tools in your stack. Visit www.cardinalops.com to learn more.