Understanding and Improving the SOC Analyst Experience

Forrester Researchers on Using AX to Improve the SOC and Security Analyst Workflow
Allie Mellen, analyst, Forrester, and Jeff Pollard, vice president and principal analyst, Forrester

Forrester analysts Allie Mellen and Jeff Pollard discuss their new research on the analyst experience, or AX. AX involves how security analysts perceive their interactions with security products, services and processes, and Mellen and Pollard say it can improve the SOC and security analyst workflow.

The challenge is that security tools are not built with the human analyst in mind, Mellen says. "How does this work for the analyst? How is the analyst affected by this? What does this mean for them? That's what's really important here, and that's what's really missing here," she says.

Pollard says that the concept of a "journey map" exists in the worlds of user experience and customer experience, but not for cybersecurity. "The journey maps and the data that we collected really dive into the plight of the SOC analyst and how they are so let down by the tools and technologies they work with."

The two analysts say that through understanding and focusing on AX, security professionals can find more effective security tools, build better workflows and help security analysts make faster, more accurate decisions.

In a video interview with Information Security Media Group, Mellen and Pollard discuss:

  • Forrester's definition of AX and its current state in cybersecurity;
  • How the rise in automated tools affects AX;
  • How security teams can make AX a key building block of detection and response strategies.

Mellen is a Forrester analyst supporting security and risk professionals. She covers all aspects of security infrastructure and operations - the people, processes and tools of the SOC - including security analysts; security information and event management; security user behavior analytics; security analytics; security orchestration, automation and response; endpoint detection and response; extended detection and response; and SOC metrics. Her research focuses on where analytics, detection, automation and response are headed in the security industry.

Pollard primarily contributes to Forrester's offerings for security and risk professionals. He leads Forrester’s research on the role of the CISO, specializing in topics related to security strategy, budgets, metrics, business cases and presenting to the board. His research also includes security services, featuring global coverage of managed security services, professional security services and security as a service. He also takes an active role in Forrester’s forward-looking research on security innovation, the security market and security predictions.

About the Author

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.
