Identifying Your Role

The roles listed here are the typical roles or functions of a Security Operations Center (SOC). Determine the role or roles that you perform in the SOC. You can use these functions as a guide to decide how to set up and navigate NetWitness so that you can efficiently perform your job tasks.

  • Manage SOC readiness
  • Respond to incidents
  • Respond to data breaches
  • Monitor and protect privacy and sensitive information

  • Respond to incidents
  • Remediate incidents
  • Hunt for threats

  • Conduct forensic analysis

  • Recommend issues for remediation

  • Remediate issues

  • Investigate new threat intelligence

  • Evaluate and create new feeds

  • Create correlation rules to flag indicators of compromise

  • Install and configure equipment and software

  • Manage user access

  • Monitor and fine-tune performance

  • Back up and restore data

  • Manage storage and archives

  • Update software

  • Create reports for regulatory compliance