{"id":52049,"date":"2023-05-24T18:35:00","date_gmt":"2023-05-24T18:35:00","guid":{"rendered":"https:\/\/www.networkworld.com\/article\/3696981\/why-it-makes-sense-to-converge-noc-and-soc.html#tk.rss_security"},"modified":"2023-05-24T18:35:00","modified_gmt":"2023-05-24T18:35:00","slug":"why-it-makes-sense-to-converge-the-noc-and-soc","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/","title":{"rendered":"Why it makes sense to converge the NOC and SOC"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2023\/03\/shutterstock_1798109056_decision-making_ciso_soc-1200x800-100938878-large.jpg?auto=webp&amp;quality=85,70\" class=\"ff-og-image-inserted\"><\/div>\n<p>It\u2019s been 17 years and counting since Nemertes first wrote about the logic of integrating event response in the enterprise: bringing together the security operations center (SOC) and network operations center (NOC) at the organizational, operational, and technological levels. Needless to say, this has not happened at most organizations, although there has been a promising trend toward convergence in the monitoring and data management side of things. It\u2019s worth revisiting the issue.<\/p>\n<h2>Why converge?<\/h2>\n<p>The arguments for convergence remain pretty compelling:<\/p>\n<ul>\n<li>Both the NOC and SOC are focused on keeping an eye on the systems and services comprising the IT environment; spotting and understanding anomalies; and spotting and responding to events and incidents that could affect or are affecting services to the business.<\/li>\n<li>Both are focused on minimizing the effects of events and incidents on the business.<\/li>\n<li>The streams of data they watch overlap hugely.<\/li>\n<li>They often use the same systems (e.g. Splunk) in managing and exploring that data.<\/li>\n<li>Both are focused on root-cause analysis based on those data streams.<\/li>\n<li>Both adopt a tiered response approach, with first-line responders for \u201cbusiness as usual\u201d operations and occurrences, and anywhere from one to three tiers of escalation to more senior engineers, architects, and analysts.<\/li>\n<li>Most crucially: When something unusual happens in or to the environment (that router is acting funny), it can be very hard to know up front whether it is fundamentally a network issue (that router is acting funny \u2013 it has been misconfigured) or a security issue (that router is acting funny \u2013 it has been compromised) or both (that router is acting funny \u2013 it has been misconfigured and is now a serious vulnerability). Having fully separate NOC and SOC can mean duplicative work as both teams pick something up and examine it. It can mean ping-ponging incidents that bounce from one to the other, or incidents that neither picks up, thinking the other has or will.<\/li>\n<\/ul>\n<p>At the very least, the lower tiers of separate NOC and SOC operations should be converged, so that there is neither duplication nor a game of hot potato as staff try to figure out what a problem actually is, and whether the response will be network focused, security focused, or both. Maintaining separate or semi-separate escalation paths is supportable given that lower-level convergence.<\/p>\n<h2>Why we don\u2019t converge<\/h2>\n<p>The obstacles to fuller convergence are pretty persistent:<\/p>\n<ul>\n<li>The network team and the security team are rarely the same team in any large organization, and usually do not report to the same person. There may be two or three hops up an org chart to get to a point of convergence. So, leadership differences come into play, as do differing agendas, strategies, goals, and budget pools.<\/li>\n<li>Organizations have often, and for years, outsourced the NOC and insourced the SOC, or vice versa, or outsourced both \u2013 but to different providers, and on different lifecycles. This makes it harder to come together on responsibilities, harder to integrate teams, harder to integrate platforms and data streams and views of the data.<\/li>\n<li>SOC staff are used to operating in an environment focused on retaining evidence of a crime, establishing chain of custody of that evidence, and so on; network teams, far less so.<\/li>\n<\/ul>\n<h2>Why are we talking about this right now?<\/h2>\n<p>The time is right to revisit this topic because network and security operational concerns are getting ever more intertwined, in part because network and security infrastructures are converging. In the 17 years (and two months) since I first wrote about this, we have seen among other things the rise of software-defined networking&nbsp;\u2013 <a href=\"https:\/\/www.networkworld.com\/article\/3690277\/when-does-sd-wan-make-sense.html\">especially SD-WAN<\/a> \u2013 and of zero trust network architecture (ZTNA), and the advent of SASE and of <a href=\"https:\/\/www.networkworld.com\/article\/3679729\/should-security-systems-be-the-network.html\">security devices <em>being<\/em> the network<\/a>. We\u2019ve also come to live in an age of adaptive persistent threats, multi-threaded attacks, botnets as a service, spear phishing, and rapidly propagating ransomware.<\/p>\n<p>In an environment where any part of the network might be a key component of the security infrastructure, and any anomalous event could require a comprehensive network AND security response, the convergence of the NOC and the SOC makes more sense than ever.<\/p>\n<aside class=\"nativo-promo nativo-promo-1 smartphone\" id> <\/aside>\n<div class=\"end-note\"> <!-- blx4 #2005 blox4.html --> <\/p>\n<div id class=\"blx blxParticleendnote blxM2005 blox4_html blxC23909\">\n<p> <strong>Next read this:<\/strong> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> READ MORE <a href=\"https:\/\/www.networkworld.com\/article\/3696981\/why-it-makes-sense-to-converge-noc-and-soc.html#tk.rss_security\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\nIt\u2019s been 17 years and counting since Nemertes first wrote about the logic of integrating event response in the enterprise: bringing together the security operations center (SOC) and network operations center (NOC) at the organizational, operational, and technological levels. Needless to say, this has not happened at most organizations, although there has been a promising trend toward convergence in the monitoring and data management side of things. It\u2019s worth revisiting the issue.Why converge?<br \/>\nThe arguments for convergence remain pretty compelling:<br \/>\nBoth the NOC and SOC are focused on keeping an eye on the systems and services comprising the IT environment; spotting and understanding anomalies; and spotting and responding to events and incidents that could affect or are affecting services to the business.<br \/>\nBoth are focused on minimizing the effects of events and incidents on the business.<br \/>\nThe streams of data they watch overlap hugely.<br \/>\nThey often use the same systems (e.g. Splunk) in managing and exploring that data.<br \/>\nBoth are focused on root-cause analysis based on those data streams.<br \/>\nBoth adopt a tiered response approach, with first-line responders for \u201cbusiness as usual\u201d operations and occurrences, and anywhere from one to three tiers of escalation to more senior engineers, architects, and analysts.<br \/>\nMost crucially: When something unusual happens in or to the environment (that router is acting funny), it can be very hard to know up front whether it is fundamentally a network issue (that router is acting funny \u2013 it has been misconfigured) or a security issue (that router is acting funny \u2013 it has been compromised) or both (that router is acting funny \u2013 it has been misconfigured and is now a serious vulnerability). Having fully separate NOC and SOC can mean duplicative work as both teams pick something up and examine it. It can mean ping-ponging incidents that bounce from one to the other, or incidents that neither picks up, thinking the other has or will.<\/p>\n<p>At the very least, the lower tiers of separate NOC and SOC operations should be converged, so that there is neither duplication nor a game of hot potato as staff try to figure out what a problem actually is, and whether the response will be network focused, security focused, or both. Maintaining separate or semi-separate escalation paths is supportable given that lower-level convergence.To read this article in full, please click here READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52050,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[738],"tags":[2767,1061,1341,1109],"class_list":["post-52049","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networkworld","tag-network-monitoring","tag-network-security","tag-sd-wan","tag-sdn"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-24T18:35:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.idgesg.net\/images\/article\/2023\/03\/shutterstock_1798109056_decision-making_ciso_soc-1200x800-100938878-large.jpg?auto=webp&amp;quality=85,70\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Why it makes sense to converge the NOC and SOC\",\"datePublished\":\"2023-05-24T18:35:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/\"},\"wordCount\":700,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg\",\"keywords\":[\"Network Monitoring\",\"Network Security\",\"SD-WAN\",\"SDN\"],\"articleSection\":[\"Networkworld\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/\",\"name\":\"Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg\",\"datePublished\":\"2023-05-24T18:35:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg\",\"width\":150,\"height\":100},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-it-makes-sense-to-converge-the-noc-and-soc\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Network Monitoring\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/network-monitoring\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Why it makes sense to converge the NOC and SOC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/","og_locale":"en_US","og_type":"article","og_title":"Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-24T18:35:00+00:00","og_image":[{"url":"https:\/\/images.idgesg.net\/images\/article\/2023\/03\/shutterstock_1798109056_decision-making_ciso_soc-1200x800-100938878-large.jpg?auto=webp&amp;quality=85,70","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Why it makes sense to converge the NOC and SOC","datePublished":"2023-05-24T18:35:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/"},"wordCount":700,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg","keywords":["Network Monitoring","Network Security","SD-WAN","SDN"],"articleSection":["Networkworld"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/","url":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/","name":"Why it makes sense to converge the NOC and SOC 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg","datePublished":"2023-05-24T18:35:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/why-it-makes-sense-to-converge-the-noc-and-soc.jpg","width":150,"height":100},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/why-it-makes-sense-to-converge-the-noc-and-soc\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Network Monitoring","item":"https:\/\/www.threatshub.org\/blog\/tag\/network-monitoring\/"},{"@type":"ListItem","position":3,"name":"Why it makes sense to converge the NOC and SOC"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52049"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52049\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52050"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}