The * umBlog - worth knowing from the world of data and insights into our unbelievable company.

How do you find the right SOC provider for your company?

How do you find the right #SOC provider for your company?

You’re working to keep your company secure. You have all the right tools and decided that you need a Security Operations Center (SOC). You’ve done your research and decided that SOC as a service is right for you. But what do you look for in a SOC provider? 

Judge your friends by the company they keep

The best way to start is to make sure the potential SOC provider is a member of relevant security organizations. These groups are invaluable to foster cooperation and coordination in incident prevention, as well as information sharing so members know the latest threats and how to mitigate them. 

An SOC can’t work in isolation. A member of these organizations gets first hand insight on vulnerability and ongoing attacks, so they can act quickly and proactively. They can secure their own and their customers’ environments before these issues become public knowledge.

The prime group is, the Forum of Incident Response and Security Teams. FIRST is the premier organization and recognized global leader in incident response. It includes a variety of security incident response specialists from academia, government and the private sector.

There are also country CERTs (Community Emergency Response Teams) and regional groups like the European TF-CSIRT which a good SOC should be part of.

Has your SOC paid their dues?

You also need to check the qualifications of your potential SOC provider to see they follow best practices. Various groups provide certifications which are extremely important in this field. As an example, some of Basefarm/Unbelievable Machine’s specialists have:

  • GIAC Information Security Professional (GISP)
  • Certified Information Security Professional (CISSP)
  • ITIL Foundation Certificate in IT Service management (ITILF)
  • GIAC Penetration Tester (GPEN)
  • GIAC Certified Forensic Analyst (GCFA)
  • Red Hat Certified Engineer (RHCE)
  • SANS / GIAC Advisory Board membership

Furthermore, an SOC might have additional services which demonstrate their commitment to security. For instance, Basefarm has a wealth of other service components which can complement a SOC. These include:

  • Intrusion Detection System (IDS)
  • Web Application Firewall (WAF)
  • Log Management with Security Information and Event Management (SIEM)
  • Penetration Testing
  • IT Forensics
  • Vulnerability Testing
  • Security Consulting

In a nutshell, if you are looking for SOC as a service make sure the provider has the right people with the right qualifications and right tools who are members of the right organizations.

Fredrik Svantes (Basefarm)Read more about our SOC services here.

About the author: Fredrik Svantes is Senior Information Security Manager and Head of the Basefarm Security Operations department.

This might interest you, too:
What is a Security Operations Center and why do you need it?
Should you build your own SOC or use one as a service?

Social Media

Latest Blog Posts


The unbelievable Machine
Company GmbH
Grolmanstr. 40
D-10623 Berlin

+49-30-889 26 56-0 +49-30-889 26 56-11

Free Whitepaper

"Hadoop 2: How to realize big data projects successfully" (German version)

To Whitepaper Download

Working at *um:

Go to the Career Page