SOC (Securit Operations Center) keeps abuzz in China security market after 2003. In fact, I kicked off the first SOC project at Nov. 2002, internally when I worked for iS-One as the Chief Strategy Office. After the project initiation, I digged a lot of web information related to SOC. At that period of time, SOC were mainly operated for MSS (Managed Security Service) providers, e.g ISS had six SOC globally. I tried to transfer the concept of SOC from MSS to enterprise security operations and was lucky to win the customer’s buy-in. Then we don’t have such product or even Proof of Concept (PoC) platform at all. We negotiated with eSecurity and made the final decision to build our first SOC upon it.
The first SOC project was finished at about June 2003 and thereafter SOC became a warming-up security market opportunity.
Today most of the major players at China security market claim to have their own SOC platforms and solutions, while many of enterprises are starting to plan and build their own SOC. To be mentioned, most of these SOC projects don’t reach their initial expectation.
While SOC was becoming popular at enterprise security management area, a few pioneer security companies in China began to make their fortune at MSS market with SOC. 263.com, Unihub, Beijing Capital Information Co. and etc. tasted this market at early to around 2002, but they found it difficult to make profit.
A major security vendor – Topsec rolled out their SOC to provide MSS servcies at 2004, built on SOC product from ArcSight, while MSS is one of meaning that another major security vendor Venustech interprets their M2S vision.
To be optimistic, SOC has been entering a new stage where SOC serves for enterprise internal security operations and MSS providers.