The number of cyber-attacks has substantially increased over the past decade, resulting in huge organizational financial losses. Indeed, it is no longer a matter of "if" but "when" a security incident will take place. Adopting a Security Operations Center (SOC) helps in the detection, identification, prevention, and resolution of issues before they cause extensive cyber-related damage. Since the introduction of SOCs around 15 years ago, their importance has grown significantly, especially over the last five years. This is mainly due to the paramount necessity of preventing major cyber incidents and the resulting adoption of centralized security operations in businesses. Despite their popularity, existing academic work on the topic lacks a generally accepted view and focuses mainly on fragments rather than looking at the SOC holistically.

In this paper, our proposed framework addresses the problems that current open-source SOC implementations are plagued with. These include the lack of ability to be strengthened on the fly, slow development processes, and their ineptness for continuous, timely updates. These shortcomings impede further innovation. We therefore propose a framework that offers a fully automated open-source SOC deployment, dubbed a "plug-and-play framework", with full horizontal scalability and a modular architecture. These underpinning features are meant to mitigate underlying SOC challenges, which often emerge from many pre-determined and repeated processes, by bolstering the SOC's ability to expand with new tools. This is on top of enhancing its ability to handle more servers in the cluster as a single logical unit. We also introduce a new system of its kind called a Programmable Plugin-based Intrusion Detection and Prevention System (PPIDPS). This system extends a SOC's ability to add any tool to the monitored devices while collecting logs that can trigger alerts whenever suspicious behavior is detected.

Incident priority matrix
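To make the "plug-and-play" idea concrete, the following is an added illustration of a plugin-based log monitor in which detection tools are registered and removed at runtime and alerts are raised from collected log lines. It is example code written for this page, not the paper's PPIDPS or any part of the proposed framework; the plugin interface, the `PluginRegistry` class, the two detection plugins and the log lines are all constructed here for demonstration.

```python
"""Minimal plugin-based log monitor (added example; not the paper's PPIDPS).

A "plugin" is any callable that takes one raw log line and returns an Alert
or None. Plugins can be registered or unregistered while the monitor runs,
which is the property the text describes as being strengthened on the fly.
"""
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Iterable, Optional


@dataclass(frozen=True)
class Alert:
    plugin: str      # name of the plugin that raised the alert
    severity: str    # free-form label, e.g. "low", "medium", "high"
    message: str


# Plugin interface assumed for this example.
Plugin = Callable[[str], Optional[Alert]]


class PluginRegistry:
    """Holds detection plugins that can be added or removed at runtime."""

    def __init__(self) -> None:
        self._plugins: dict[str, Plugin] = {}

    def register(self, name: str, plugin: Plugin) -> None:
        self._plugins[name] = plugin

    def unregister(self, name: str) -> None:
        self._plugins.pop(name, None)

    def names(self) -> list[str]:
        return sorted(self._plugins)

    def scan(self, lines: Iterable[str]) -> list[Alert]:
        """Feed every log line through every registered plugin, in order."""
        alerts: list[Alert] = []
        for line in lines:
            for plugin in self._plugins.values():
                alert = plugin(line)
                if alert is not None:
                    alerts.append(alert)
        return alerts


# Matches OpenSSH-style failure lines, with or without "invalid user".
FAILED_SSH = re.compile(
    r"Failed password for (?:invalid user )?(\S+) from (\d+\.\d+\.\d+\.\d+)"
)


class BruteForcePlugin:
    """Stateful plugin: alerts once a source IP reaches a failure threshold."""

    def __init__(self, threshold: int = 3) -> None:
        self.threshold = threshold
        self.failures: Counter[str] = Counter()

    def __call__(self, line: str) -> Optional[Alert]:
        m = FAILED_SSH.search(line)
        if not m:
            return None
        ip = m.group(2)
        self.failures[ip] += 1
        # Fire exactly once, when the threshold is first reached.
        if self.failures[ip] == self.threshold:
            return Alert("ssh_bruteforce", "high",
                         f"{self.threshold} failed SSH logins from {ip}")
        return None


def sudo_root_plugin(line: str) -> Optional[Alert]:
    """Stateless plugin: flags commands run as root through sudo."""
    if "sudo:" in line and "USER=root" in line and "COMMAND=" in line:
        command = line.split("COMMAND=", 1)[1]
        return Alert("sudo_root", "medium", "privileged command via sudo: " + command)
    return None


# Constructed sample log lines (syslog-like, documentation IP ranges).
SAMPLE_LOGS = [
    "Mar  1 10:00:01 host sshd[1001]: Failed password for invalid user admin from 198.51.100.7 port 4021 ssh2",
    "Mar  1 10:00:02 host sshd[1002]: Failed password for root from 198.51.100.7 port 4022 ssh2",
    "Mar  1 10:00:03 host sshd[1003]: Accepted publickey for alice from 203.0.113.5 port 5000 ssh2",
    "Mar  1 10:00:04 host sshd[1004]: Failed password for root from 198.51.100.7 port 4023 ssh2",
    "Mar  1 10:00:05 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update",
]


def run_demo() -> list[Alert]:
    """Register two tools at runtime and scan the sample logs."""
    registry = PluginRegistry()
    registry.register("ssh_bruteforce", BruteForcePlugin(threshold=3))
    registry.register("sudo_root", sudo_root_plugin)   # added "on the fly"
    return registry.scan(SAMPLE_LOGS)


if __name__ == "__main__":
    for alert in run_demo():
        print(f"[{alert.severity}] {alert.plugin}: {alert.message}")
```

Running the block produces two alerts: a high-severity brute-force alert on the third failed login from the same source, and a medium-severity alert for the sudo command. The registry is the only thing a new tool has to touch, which is the point of a modular design: detection logic is isolated per plugin, a stateful plugin keeps its own counters, and removing a plugin is a single call.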