SANS 2024 SOC Survey on Security Operations Challenges

This technical report presents the findings of the SANS 2024 SOC Survey, which focuses on the challenges faced by Security Operations Centers (SOCs) in various organizations. The report outlines the demographics of the survey respondents, including their roles, organizational sizes, and geographical locations. It highlights key issues such as budget uncertainties, staffing levels, and the barriers to effective SOC operations, including a lack of automation and skilled personnel. The report also discusses trends in SOC architecture, noting a shift towards cloud-based solutions and centralized SOC structures. Additionally, it examines the use of metrics for justifying resources and the evolving practices in threat hunting automation. The findings aim to provide organizations with a basis for comparison and insights into improving their SOC performance and addressing operational challenges.