MALTEGO RECOMMENDS: THREAT INTEL FOR SMALL SOC TEAMS 2 A SOC team is tasked with continuously monitoring its environment in order to detect, analyze, and respond to cybersecurity incidents, and ultimately improve the security posture of the organization However, to effectively monitor their environment, it isn’t enough for SOC teams to deploy security systems and tools that will alert them to an indiscriminate number of events. They need to know what threat actors are doing, what their activity may look like, and how to find traces of said activity across their infrastructure. Usually, the sort of traces that are left behind by threat actors and picked up by the monitoring systems will be either observables or even indicators of compromise (IoC)—IP addresses, host and domain names

Join for free to read