{"id":35671,"date":"2020-06-22T16:00:10","date_gmt":"2020-06-22T16:00:10","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=91371"},"modified":"2020-06-22T16:00:10","modified_gmt":"2020-06-22T16:00:10","slug":"modernizing-the-security-operations-center-to-better-secure-a-remote-workforce","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/","title":{"rendered":"Modernizing the security operations center to better secure a remote workforce"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2020\/06\/SEC20_Security_034-6-22-BANNER.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>The response to COVID-19 has required many security operations centers (SOCs) to rethink how they protect their organizations. With so many employees working remotely, IT groups are <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/03\/26\/alternative-security-professionals-it-achieve-modern-security-controls-todays-unique-remote-work-scenarios\/\" target=\"_blank\" rel=\"noopener noreferrer\">routing more traffic directly to cloud apps, rather than through the network<\/a>. In this model, traditional network security controls aren\u2019t enough. Endpoint signals and identity-based security matter more than ever.<\/p>\n<p>Even under the best circumstances, managing and working in an SOC is stressful\u2014and these aren\u2019t normal times! We know you\u2019re under a lot of pressure, with less visibility and concerns over balancing user productivity without compromising security. But we also know many of the changes companies have made to support remote work during this crisis will remain in place once the virus is gone\u2014some have already announced more flexible and permanent remote work policies. In light of this new reality, the SOC will also need to adjust. In this blog, we\u2019ve outlined some principles of the modern SOC which can guide that transition. You can also hear us discuss these concepts by viewing a replay of the 2020 <a href=\"https:\/\/info.microsoft.com\/en-us-landing-ondemand-US-M365-WBNR-FY20-06Jun-11-Microsoft-Virtual-Security-Compliance-Summit-4826.html\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Virtual Security and Compliance Summit<\/a>.<\/p>\n<h3>It\u2019s a multi-cloud world<\/h3>\n<p>Odds are good your organization doesn\u2019t use just one cloud. You may manage much of your infrastructure on Microsoft Azure, but you also probably use Amazon Web Services (AWS) or Google Cloud Platform (GCP) too. And when we say cloud, we don\u2019t just mean infrastructure as a service (IaaS). We also mean development work on a platform as a service (PaaS) and software-as-a-service (SaaS) apps hosted in a cloud\u2014although it\u2019s not always clear which cloud it\u2019s hosted on. Without visibility across all platforms where business information is stored and transacted, you don\u2019t have a full view of your corporate security program and risk profile.<\/p>\n<p>Although the major cloud service providers offer tools that let you monitor their environment extensively, you need a holistic view to correlate threats and assess how one threat may impact another resource. Solutions like <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/enterprise-mobility-security\/cloud-app-security\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Cloud App Security<\/a> give you tools to detect cloud apps and monitor and protect them, while <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/azure-sentinel\/#product-overview\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Sentinel<\/a> collects and analyzes data across on-premises and in multiple clouds.<\/p>\n<h3>Visibility into <em>all<\/em> connected devices<\/h3>\n<p>As more employees use cloud apps and mobile devices for work, the traditional network security perimeter has lost relevance. This puts greater emphasis on endpoint monitoring and protection. But it goes beyond employee devices. There has been an explosion of the internet of things (IoT) across industries. The industrial internet of things (IIoT) and industrial control systems (ICS) provide yet another opportunity for bad actors to infiltrate your environment. Security platforms like <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/security\/threat-protection\/microsoft-defender-atp\/microsoft-defender-advanced-threat-protection\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Defender Advanced Threat Protection<\/a> (Microsoft Defender ATP) can help you prevent, detect, investigate, and respond to threats across all your endpoints. And Microsoft Defender ATP integrates with <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/threat-protection\/integrated-threat-protection\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Threat Protection<\/a> to give you visibility across devices, identity, cloud apps, data, and infrastructure.<\/p>\n<h3>Humans and machine learning working together<\/h3>\n<p>Part of what makes this job so challenging is the sheer number of endpoints and environments that need to be monitored. Each of those entities produces thousands of alerts\u2014not all of which are legitimate threats. If you are using several security tools that aren\u2019t well integrated, correlating signals across your entire environment is tough. To find the real threats, you may spend hours combing through false positives. Alert fatigue is inevitable, making it easy to miss true issues.<\/p>\n<p>In the modern SOC, artificial intelligence (AI) and machine learning (ML) will be deployed to help people focus on the right problems. If you\u2019re worried that AI and ML will automate you out of a job, \u201chelp people\u201d was the most important part of the previous sentence. We believe people are (and will continue to be) a necessary part of cyber defense work. AI and ML are simply not equipped to do the complex problem solving that people do. What AI and ML can do is reduce the noise, so that people can focus on responding to more complex threats and trying to uncover what the humans behind attacks are planning next.<\/p>\n<p>In solutions like Azure Sentinel, AI and ML reason over massive amounts of data to better detect behavior that indicates compromise. Using probabilistic models, such as Markov Chain Monte Carlo simulations, <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/reducing-security-alert-fatigue-using-machine-learning-in-azure-sentinel\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Sentinel takes low fidelity alerts and combines them into fewer actionable high-fidelity alerts<\/a>, increasing the true positive rate to reduce analyst alert fatigue.<\/p>\n<h3>Gamification of security training<\/h3>\n<p>The core mission of the SOC is to identify compromise rapidly and respond to incidents. In the middle of an attack, minutes matter, so it\u2019s critical that you respond quickly and intelligently. But these are also the moments when adrenaline runs high, and people panic. You may not make the best decisions in a state of high alert. To provide structure during an incident, it helps to have a plan.<\/p>\n<p>A playbook includes a set of processes and steps for various triggers. Written playbooks provide you a reference in the heat of the moment. You can also automate playbooks using the <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/overview\" target=\"_blank\" rel=\"noopener noreferrer\">security orchestration, automation, and response (SOAR) capabilities in solutions like Azure Sentinel<\/a>.<\/p>\n<p>Practicing your plan can help build muscle memory. In tabletop exercises, teams talk though how they would respond to specific scenarios in a low stress environment. When an actual attack occurs, they draw on these exercises to inform decision making.<\/p>\n<p>To better engage participants, many SOCs are gamifying their training sessions. Capture the flag contests divide groups into a red team (the attackers) and a blue team (the defenders) and challenges them to defend (or capture) a computer system. Microsoft\u2019s OneHunt brings together security professionals across the Microsoft organization to conduct a weeklong red team vs. blue team simulation. At the Ignite World Tour, Into the Breach was one of the most popular events. In this game, participants defended a system from an AI-generated attack using Azure Sentinel and Microsoft Threat Protection solutions. Activities like these let teams practice in a fast-moving situation that replicates the experience of a real attack, without the high stakes.<\/p>\n<h3>Learn more<\/h3>\n<p>It\u2019s been a tough few months for technology teams supporting a rapid migration to remote work. As you begin to modernize your SOC for our new reality, the following resources may help:<\/p>\n<p>For more information about Microsoft Security solutions, visit our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener noreferrer\">website.<\/a> Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity. Or reach out to Diana on&nbsp;<a href=\"https:\/\/www.linkedin.com\/in\/dianakelleysecuritycurve\/\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a>&nbsp;or&nbsp;<a href=\"https:\/\/twitter.com\/dianakelley14\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>.<\/p>\n<p>READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/06\/22\/modernizing-security-operations-center-secure-remote-workforce\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The modern SOC will use machine learning to help humans protect organizations in a multi-cloud, IoT world.<br \/>\nThe post Modernizing the security operations center to better secure a remote workforce appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":35672,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[4620,7220,6717,1064],"class_list":["post-35671","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-microsoft-cloud-app-security","tag-microsoft-defender-advanced-threat-protection","tag-microsoft-defender-atp","tag-security-intelligence"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-22T16:00:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Modernizing the security operations center to better secure a remote workforce\",\"datePublished\":\"2020-06-22T16:00:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/\"},\"wordCount\":1114,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png\",\"keywords\":[\"Microsoft Cloud App Security\",\"Microsoft Defender Advanced Threat Protection\",\"Microsoft Defender ATP\",\"Security Intelligence\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/\",\"name\":\"Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png\",\"datePublished\":\"2020-06-22T16:00:10+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Cloud App Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/microsoft-cloud-app-security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Modernizing the security operations center to better secure a remote workforce\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/","og_locale":"en_US","og_type":"article","og_title":"Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-06-22T16:00:10+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Modernizing the security operations center to better secure a remote workforce","datePublished":"2020-06-22T16:00:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/"},"wordCount":1114,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png","keywords":["Microsoft Cloud App Security","Microsoft Defender Advanced Threat Protection","Microsoft Defender ATP","Security Intelligence"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/","url":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/","name":"Modernizing the security operations center to better secure a remote workforce 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png","datePublished":"2020-06-22T16:00:10+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce.png","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/modernizing-the-security-operations-center-to-better-secure-a-remote-workforce\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Cloud App Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/microsoft-cloud-app-security\/"},{"@type":"ListItem","position":3,"name":"Modernizing the security operations center to better secure a remote workforce"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35671"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35671\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/35672"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}