Gartner® SOC Model Guide
This guide provides security leaders with a framework to use when building a hybrid security operations center (SOC), striking the right balance of internal and external resources to fill all the roles required to meet a SOC’s objectives.
In this report, you’ll specifically learn:
- The four main objectives of a SOC
- How to scale a SOC with internal and external resources
- What hybrid SOC tasks should be insourced vs. outsourced (and why)
- How managed detection and response (MDR) providers can help
WHY THIS REPORT AND WHY NOW?
As organizations grapple with the challenge of scaling up their SOC, relying solely on internal staff is increasingly difficult, if not impossible. While some SOC responsibilities are best performed by in-house staff who understand the business’s unique needs and security landscape, other tasks—like building detections for common attack techniques—are more tactical and better achieved by engaging a larger external team.
A hybrid SOC model combines the strengths of both insourced and outsourced teams, with each playing a vital role in the activities required for proper SOC operation. When done effectively, this approach gives security leaders a strategic advantage, allowing them to allocate resources based on business priorities, available skill sets, and budget. The Gartner SOC Model Guide offers actionable insights to help you strike the right balance between insourcing and outsourcing, enabling you to choose the right SOC model for your organization.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of the Gartner Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner, SOC Model Guide 18 October 2023, Eric Ahlm Et Al.