The Ultimate Guide to Security Operations Centres
A curated American edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for Security Operations Centres (SOCs).
What to know about Security Operations Centres
A Security Operations Centre (SOC) serves as the critical hub for monitoring, detecting, and responding to cybersecurity threats within organisations. Covering a wide spectrum of digital environments, SOCs integrate advanced technologies such as AI, machine learning, and automation tools to enhance threat detection and incident response capabilities.
Exploring recent developments in this field reveals insights on evolving challenges like alert fatigue, skills shortages, and the increasing complexity of cyberattack surfaces. Readers can learn how organisations leverage innovations in SOC-as-a-Service, AI-driven threat hunting, and next-generation platforms to build adaptable, efficient security operations tailored to their needs.
Whether you are an IT professional, security analyst, or business leader, following stories under the 'Security Operations Centre' tag offers valuable perspectives on managing cyber risk, improving operational efficiency, and preparing your organisation for the dynamic cybersecurity landscape ahead.
American Security Operations Centres News
Regional stories with direct local relevance
Intezer launches custom AI agents for security teams
Security teams could cut repetitive case work as Intezer's beta lets them build AI agents for reports, handover notes and rule tuning.
iboss launches free AI discovery service for firms
Security teams can now map shadow AI use in hours, as the free tier shows prompts, users and risk across popular tools.
Cisco powers U.S. Open with secure event networking
Reliable Wi-Fi and cyber security helped organisers keep broadcasts, ticketing and fan services running at the U.S. Open.
Skyhawk AI Red Team seizes AWS organisation in seconds
A financial services cloud was taken over in seconds in a test, highlighting how approved permissions can still let attackers reach full AWS control.
Cynomi adds automation & AI for MSP vulnerability work
Managed service providers could cut hours of manual vulnerability work per client as the update links scans, remediation and audit evidence.
Buoyant adds trust anchor rotation in Linkerd 2.20
Security teams gain less risky certificate changes as Buoyant's Linkerd 2.20 automates trust anchor rotation and cuts control-plane memory use.
Analyst Insights
Research and market analysis connected to Security Operations Centres
Data Theorem launches AI security platform for apps
Mandiant study finds USD $4.3 million annual benefit
Gartner names Tenable leader in AI exposure assessment
Checkmarx named leader in Gartner supply chain quadrant
AppOmni wins Intellyx Digital Innovator Award again
Featured News
Visa strengthens AI defences amid new era of cyber threats
Visa is pouring billions into AI defences as regulators demand safer, auditable systems to counter faster cyber threats and fraud.
Reducing cyber risk is still hard: Why CTEM stalls at action
Security teams are still struggling to turn vulnerability alerts into fixes, leaving companies exposed for months when IT and operations must act separately.
Exabeam: Ruthless efficiency can make agentic AI malicious
Behavioural analytics is becoming essential as AI agents can pursue tasks so efficiently that they may cause damage without any malicious intent.
Exclusive: Reco COO on securing the AI inside your SaaS stack
Reco COO Zoe Hillenmeyer says enterprises typically underestimate their AI agent exposure by a factor of ten and that gap is widening.
Google flags urgency as AI reshapes cyber threats
Patching delays now carry greater risk as Google says AI is helping attackers scale intrusions, speed up breaches and automate operations.
Exclusive: Google Cloud on the road to autonomous SecOps
The new tools could cut analysts’ manual threat-response work from days to minutes as Google Cloud pushes SecOps towards an autonomous SOC.
Netskope's Tony Burnside - visibility is key to AI security
AI tools are creating hidden east-west traffic that security teams struggle to monitor, raising the risk of data leakage and compromise.
TrendAI: Evolving the cybersecurity value proposition
New research shows two-thirds of Australian business and IT leaders feel pressured to approve AI projects while overlooking security risks.
Reviews
Expert Columns
AI does not invent cyber risk, it accelerates it
What makes a cybersecurity AI partnership worth paying attention to?
Security teams are collecting more video than ever, but most of it still goes unused
What Swiss Cheese teaches us about choosing MDR
While OT security is maturing, risk is not slowing down
Stop confusing demos with POCs - Your pipeline depends on it
Your Immune System Doesn't Wait. Neither Should Your Security
Unlocking intelligence with access control
A long time ago in a galaxy far, far away…Cybersecurity was already hard
The Death of the Firewall
Interviews
Interviews and video coverage from the networkRecent Security Operations Centres News
Internal AI systems emerge as top breach risk: report
Security teams are struggling to spot intrusions until after data is stolen, with 85% of leaders reporting AI-linked incidents or near misses.
Federal cybersecurity report flags supply chain gaps
Many defence suppliers still lack visibility into software risks, as more than a quarter reported a supply chain compromise last year.
iCOUNTER names Ali Waezzadah as Chief Information Security Officer
The hire comes as the cyber risk company expands into third-party and supply chain defence, with attacks on connected networks growing more persistent.
1Kosmos names Roger Hale as Chief Information Security Officer
The hire comes as firms face rising identity fraud risks in account recovery, device enrolment and privileged access workflows.
Intezer launches MCP server for security AI agents
The new server lets security teams feed Claude and Codex with case history and triage logic, reducing manual alert handling.
Corelight adds passive asset visibility to Open NDR
Security teams can now spot unmanaged devices and services on live traffic as Corelight extends Open NDR with passive asset classification.
Myriad360 duo named to CRN's Next-Gen leaders list
The recognition underscores growing demand for cyber advisers who can tie technical decisions to business risk as threats and cloud use intensify.
FIRST raises 2026 vulnerability forecast to 66,000 CVEs
Security teams face a heavier patching burden next year, with disclosure volumes now tracking far above FIRST's earlier estimate.
Horizon3.ai & Brinqa team up on exposure management
Enterprises could cut remediation noise as attacker-validated findings are ranked against business context, ownership and exploit paths.
UltraViolet Cyber launches Solstice AI pentesting platform
The platform aims to speed application security reviews by about 20% while keeping expert testers in charge of final findings.
Gigamon & Splunk launch federated telemetry search
Joint customers can search telemetry in place, cutting duplication and storage costs while improving security visibility across hybrid cloud estates.
Tanium launches AI tools & expands FedRAMP services
US government agencies and security teams will get broader compliance and threat-hunting tools as Tanium adds AI features and FedRAMP services.
Cisco launches Cloud Control for AI-led IT operations
Controlled US availability means customers can now unify network, security and AI operations in one place, with external tools included.
Factor launches supply chain detection & response platform
Attackers targeting weaker suppliers are pushing enterprises to move from periodic reviews to continuous monitoring and response across vendor networks.
Doppel launches email security to fight phishing campaigns
Security teams may get broader visibility into phishing campaigns as Doppel adds inbox defence to its platform for social engineering attacks.
CodeHunter appoints Anurag Jain as Engineering Chief
The hire signals CodeHunter's push to scale pre-execution software security as threats mount across supply chains and development environments.
Ocean raises GBP £28 million to fight AI email fraud
AI-written phishing is forcing security teams to rethink email defences as Ocean claims its system already scans more than one billion messages a month.
CrowdStrike adds Claude monitoring to Falcon tools
Security teams can now spot AI-related risks alongside other alerts as Claude activity is fed into CrowdStrike's Falcon platform.
Permiso launches AI agent security tools with Autodesk
Autodesk is among early users as the new controls aim to give security teams runtime visibility into unapproved AI agents and their actions.
RegScale raises USD $30 million in oversubscribed Series B
The funding will help RegScale scale faster as federal and enterprise buyers demand quicker compliance checks and less manual audit work.