The Ultimate Guide to Security Operations Centres
A curated American edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Security Operations Centres (SOCs).
What to know about Security Operations Centres
A Security Operations Centre (SOC) serves as the critical hub for monitoring, detecting, and responding to cybersecurity threats within organisations. Covering a wide spectrum of digital environments, SOCs integrate advanced technologies such as AI, machine learning, and automation tools to enhance threat detection and incident response capabilities.
Exploring recent developments in this field reveals insights on evolving challenges like alert fatigue, skills shortages, and the increasing complexity of cyberattack surfaces. Readers can learn how organisations leverage innovations in SOC-as-a-Service, AI-driven threat hunting, and next-generation platforms to build adaptable, efficient security operations tailored to their needs.
Whether you are an IT professional, security analyst, or business leader, following stories under the 'Security Operations Centre' tag offers valuable perspectives on managing cyber risk, improving operational efficiency, and preparing your organisation for the dynamic cybersecurity landscape ahead.
American Security Operations Centres News
Regional stories with direct local relevance
Cyber resilience priorities diverge sharply across sectors
Critical infrastructure and healthcare lag peers on basic cyber controls, leaving essential services more exposed than financial firms and technology groups.
Jazz appoints six senior leaders as DLP push scales
The cyber security start-up is building out its management team as it seeks to turn fresh interest in AI-era DLP into larger enterprise sales.
Hexnode links UEM to ServiceNow incident management
IT teams can now manage device incidents and remote fixes from ServiceNow, cutting console-hopping and improving audit trails across Hexnode UEM.
Permiso launches risk score engine for identity security
Security teams gain a way to prioritise compromised accounts, with Permiso's new engine scoring human, machine and AI identities on a 0-to-100 scale.
CISA uses Anthropic AI to hunt flaws in federal code
The pilot could speed up vulnerability hunting across government systems, but it also leaves human teams to verify and fix each AI flag.
Hakimo raises USD $12 million in growth funding round
Demand for AI security systems is rising as Hakimo says its monitoring reduces incidents and guard costs for property owners.
Analyst Insights
Research and market analysis connected to Security Operations Centres
IDC survey flags networking bottlenecks for agentic AI
Permiso launches risk score engine for identity security
Tanium named leader in IDC digital employee experience
Financial services breach risk rises as AI adoption surges
Data Theorem launches AI security platform for apps
Featured News
Check Point: Be the best, or get out the way
Rising AI-driven attacks are compel security buyers to cut vendor sprawl, though Check Point warns over-consolidation can still raise risk.
Check Point: Hackers are already in. Act accordingly
Hackers are exploiting vulnerabilities in hours or minutes, leaving many organisations compromised before defenders spot the breach.
Visa strengthens AI defences amid new era of cyber threats
Visa is pouring billions into AI defences as regulators demand safer, auditable systems to counter faster cyber threats and fraud.
Exabeam: Ruthless efficiency can make agentic AI malicious
Behavioural analytics is becoming essential as AI agents can pursue tasks so efficiently that they may cause damage without any malicious intent.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Google flags urgency as AI reshapes cyber threats
Patching delays now carry greater risk as Google says AI is helping attackers scale intrusions, speed up breaches and automate operations.
Exclusive: Google Cloud on the road to autonomous SecOps
The new tools could cut analysts’ manual threat-response work from days to minutes as Google Cloud pushes SecOps towards an autonomous SOC.
Netskope's Tony Burnside - visibility is key to AI security
AI tools are creating hidden east-west traffic that security teams struggle to monitor, raising the risk of data leakage and compromise.
Reviews
Expert Columns
Why faster AI is exposing slower security thinking
AI does not invent cyber risk, it accelerates it
What makes a cybersecurity AI partnership worth paying attention to?
Security teams are collecting more video than ever, but most of it still goes unused
What Swiss Cheese teaches us about choosing MDR
While OT security is maturing, risk is not slowing down
Stop confusing demos with POCs - Your pipeline depends on it
Your Immune System Doesn't Wait. Neither Should Your Security
Unlocking intelligence with access control
A long time ago in a galaxy far, far away…Cybersecurity was already hard
Interviews
Interviews and video coverage from the networkRecent Security Operations Centres News
Picus launches AI platform to validate real exploits
Security teams may be able to cut false alarms as Picus says its new platform proves whether a vulnerability can actually be exploited.
Intezer launches custom AI agents for security teams
Security teams could cut repetitive case work as Intezer's beta lets them build AI agents for reports, handover notes and rule tuning.
iboss launches free AI discovery service for firms
Security teams can now map shadow AI use in hours, as the free tier shows prompts, users and risk across popular tools.
Cisco powers U.S. Open with secure event networking
Reliable Wi-Fi and cyber security helped organisers keep broadcasts, ticketing and fan services running at the U.S. Open.
Skyhawk AI Red Team seizes AWS organisation in seconds
A financial services cloud was taken over in seconds in a test, highlighting how approved permissions can still let attackers reach full AWS control.
Buoyant adds trust anchor rotation in Linkerd 2.20
Security teams gain less risky certificate changes as Buoyant's Linkerd 2.20 automates trust anchor rotation and cuts control-plane memory use.
Cynomi adds automation & AI for MSP vulnerability work
Managed service providers could cut hours of manual vulnerability work per client as the update links scans, remediation and audit evidence.
Internal AI systems emerge as top breach risk: report
Security teams are struggling to spot intrusions until after data is stolen, with 85% of leaders reporting AI-linked incidents or near misses.
Federal cybersecurity report flags supply chain gaps
Many defence suppliers still lack visibility into software risks, as more than a quarter reported a supply chain compromise last year.
iCOUNTER names Ali Waezzadah as Chief Information Security Officer
The hire comes as the cyber risk company expands into third-party and supply chain defence, with attacks on connected networks growing more persistent.
1Kosmos names Roger Hale as Chief Information Security Officer
The hire comes as firms face rising identity fraud risks in account recovery, device enrolment and privileged access workflows.
Intezer launches MCP server for security AI agents
The new server lets security teams feed Claude and Codex with case history and triage logic, reducing manual alert handling.
Corelight adds passive asset visibility to Open NDR
Security teams can now spot unmanaged devices and services on live traffic as Corelight extends Open NDR with passive asset classification.
Myriad360 duo named to CRN's Next-Gen leaders list
The recognition underscores growing demand for cyber advisers who can tie technical decisions to business risk as threats and cloud use intensify.
FIRST raises 2026 vulnerability forecast to 66,000 CVEs
Security teams face a heavier patching burden next year, with disclosure volumes now tracking far above FIRST's earlier estimate.
Horizon3.ai & Brinqa team up on exposure management
Enterprises could cut remediation noise as attacker-validated findings are ranked against business context, ownership and exploit paths.
UltraViolet Cyber launches Solstice AI pentesting platform
The platform aims to speed application security reviews by about 20% while keeping expert testers in charge of final findings.
Gigamon & Splunk launch federated telemetry search
Joint customers can search telemetry in place, cutting duplication and storage costs while improving security visibility across hybrid cloud estates.
Tanium launches AI tools & expands FedRAMP services
US government agencies and security teams will get broader compliance and threat-hunting tools as Tanium adds AI features and FedRAMP services.
Cisco launches Cloud Control for AI-led IT operations
Controlled US availability means customers can now unify network, security and AI operations in one place, with external tools included.