SOC Analyst

If you have your own SOC and just need a better tool for its analysts to investigate and monitor for attacks, Knogin Hunter provides multiple profile levels for the different roles within a SOC. This means you can use Knogin Hunter with your own SOC, and you don’t necessarily need Knogin Vigilant to notify you of issues 24/7. Above the SOC Analyst profile described below, it offers several further profile levels, such as Threat Analyst, SOC Manager, Forensic Investigator, Platform Operations Engineer and Data Scientist.

Knogin Hunter has a profile specifically for SOC Analysts, which allows them to interact seamlessly with the system, find all correlated data and perform their investigations without leaving the tools. The SOC Analyst profile is designed for beginner and junior-level analysts who have the following responsibilities:

  • Monitor attacks and behaviours
  • Search / investigate breaches
  • Research malware
  • Review alerts
  • Create tickets
  • Escalate tickets or filter out events
  • Follow security playbooks / use cases
  • Investigate unsuccessful attacks

The SOC Analyst profile allows the Analyst to use:

  1. Security Analytics platform dashboards
  2. Security Endpoint UIs
  3. Email
  4. Ticketing
  5. Workflow systems

The SOC Analyst can then escalate to other roles such as Threat Analyst, SOC Manager, Forensic Investigator, Platform Operations Engineer or Data Scientist.