CyberSoc Framework a Systematic Review of the State-of-Art
Mário Saraiva, Nuno Mateus-Coelho
Abstract
Security Operation Centers (SOCs) are a crucial service for enterprises looking to face the new global insecure environment, as well as retain compliance and control over threat management. While there are frameworks in place to address the technical aspects of these services, there is currently no comprehensive framework in place to address how to correctly identify whether a threat is real, a false positive, or even a false negative, without relying on artificial intelligence, which has unfortunately already misled several activities in the face of new threats. It would also be advantageous for businesses and constituents to consider using a static framework that might, among other things, clarify the CyberSoc analyst in the event of a misunderstanding. The results of a systematic review were presented in this research in order to comprehend the current state of the art for CyberSoc Frameworks.