In the fight against cyber threats, the SOC (Security Operations Center) is the battlefield with security analysts as the soldiers. In 2020 an order issued by the state of California demonstrated that cybersecurity staff was exempted from the coronavirus stay-home order.
However, even in times of relative tranquility, being in a SOC can sometimes feel like war. An average enterprise SOC encounters anything between ten thousand and a million alerts per day, and they are usually understaffed and have little margin for errors. Security analysts, like soldiers, need to stay alert and prepared for battle. As said in the military, “know your enemy,” which may not be the hacker but the barrage of alerts and false positives. Another helpful practice from military paradigms is that people cannot handle much in times of stress, so there is no point in teaching complicated concepts. While “under fire,” people (and security analysts are humans, not machines) return to basics. With this in mind, we would like to highlight the