I’ve worked in security operation centers (SOCs) since before they were even called that, and I’ve seen a lot. A lot of threats, a lot of technologies that worked for a while—until the threats evolved past them—and a lot of frustrated SOC teams.
As someone who attended the very first RSA and Black Hat security conferences, I’m amazed that every year the exhibition floors at those events are jammed with vendors coming out of the woodwork with new technologies. It’s great to have choices, but there are just too many security options for SOC teams to manage. And interoperability is non-existent with so many new offerings hitting the market, creating a management nightmare for SOCs.