{"id":"https://openalex.org/W4402858752","doi":"https://doi.org/10.3390/jcp4040036","title":"Security Operations Centers: Use Case Best Practices, Coverage, and Gap Analysis Based on MITRE Adversarial Tactics, Techniques, and Common Knowledge","display_name":"Security Operations Centers: Use Case Best Practices, Coverage, and Gap Analysis Based on MITRE Adversarial Tactics, Techniques, and Common Knowledge","publication_year":2024,"publication_date":"2024-09-25","ids":{"openalex":"https://openalex.org/W4402858752","doi":"https://doi.org/10.3390/jcp4040036"},"language":"en","primary_location":{"id":"doi:10.3390/jcp4040036","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp4040036","pdf_url":null,"source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.3390/jcp4040036","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028794895","display_name":"Samir Achraf Chamkar","orcid":null},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay 
Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Samir Achraf Chamkar","raw_affiliation_strings":["LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, Morocco"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, Morocco","institution_ids":["https://openalex.org/I4210119856"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014120892","display_name":"Yassine Maleh","orcid":"https://orcid.org/0000-0003-4704-5364"},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":true,"raw_author_name":"Yassine Maleh","raw_affiliation_strings":["LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, Morocco"],"raw_orcid":"https://orcid.org/0000-0003-4704-5364","affiliations":[{"raw_affiliation_string":"LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, Morocco","institution_ids":["https://openalex.org/I4210119856"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086015490","display_name":"Noreddine Gherabi","orcid":"https://orcid.org/0000-0002-2020-249X"},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Noreddine Gherabi","raw_affiliation_strings":["LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, 
Morocco"],"raw_orcid":"https://orcid.org/0000-0002-2020-249X","affiliations":[{"raw_affiliation_string":"LaSTI Laboratory, ENSA Khouribga, Sultan Moulay Slimane University, Beni Mellal 23000, Morocco","institution_ids":["https://openalex.org/I4210119856"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5014120892"],"corresponding_institution_ids":["https://openalex.org/I4210119856"],"apc_list":{"value":1000,"currency":"CHF","value_usd":1082},"apc_paid":{"value":1000,"currency":"CHF","value_usd":1082},"fwci":5.8668,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.96281077,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"4","issue":"4","first_page":"777","last_page":"793"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer 
Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7659845352172852},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5943836569786072},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.5316465497016907},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4002634882926941},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.15638414025306702},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.09977594017982483},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.07069998979568481}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7659845352172852},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5943836569786072},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.5316465497016907},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer 
security","level":1,"score":0.4002634882926941},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.15638414025306702},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.09977594017982483},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.07069998979568481}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/jcp4040036","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp4040036","pdf_url":null,"source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:6a5a48b085904dadb6649f2fb1d7de07","is_oa":true,"landing_page_url":"https://doaj.org/article/6a5a48b085904dadb6649f2fb1d7de07","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access 
Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Cybersecurity and Privacy, Vol 4, Iss 4, Pp 777-793 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/jcp4040036","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp4040036","pdf_url":null,"source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and 
Privacy","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W2040576886","https://openalex.org/W2404611963","https://openalex.org/W2888191522","https://openalex.org/W2900542336","https://openalex.org/W2996415795","https://openalex.org/W3007432608","https://openalex.org/W3043081902","https://openalex.org/W3111749540","https://openalex.org/W3176289544","https://openalex.org/W3204889097","https://openalex.org/W3207777896","https://openalex.org/W4205874364","https://openalex.org/W4206405501","https://openalex.org/W4298625430","https://openalex.org/W4313332421","https://openalex.org/W4366319386","https://openalex.org/W4386891250","https://openalex.org/W4399881255","https://openalex.org/W4400282738","https://openalex.org/W4400285409"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W2002383399","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492"],"abstract_inverted_index":{"The":[0,186],"rising":[1],"frequency":[2],"and":[3,11,35,59,75,84,105,153,172,184,202],"complexity":[4],"of":[5,46,99,113,127,148,157,175],"cybersecurity":[6,38,82,201],"threats":[7],"necessitate":[8],"robust":[9],"monitoring":[10],"rapid":[12],"response":[13],"capabilities":[14,104],"to":[15,32,37,94,123,139],"safeguard":[16],"digital":[17],"assets":[18],"effectively.":[19],"As":[20],"a":[21,49,60,96,145,154],"result,":[22],"many":[23],"organizations":[24,137],"are":[25],"increasingly":[26],"establishing":[27],"Security":[28],"Operations":[29],"Centers":[30],"(SOCs)":[31],"actively":[33],"detect":[34],"respond":[36],"incidents.":[39],"This":[40,63,91,160],"paper":[41,92],"address
es":[42],"the":[43,52,66,72,88,100,111,168,179,192],"intricate":[44],"process":[45],"setting":[47],"up":[48],"SOC,":[50],"emphasizing":[51],"need":[53],"for":[54,136],"careful":[55],"planning,":[56],"substantial":[57],"resources,":[58],"strategic":[61],"approach.":[62],"study":[64,132],"outlines":[65],"essential":[67],"steps":[68],"involved":[69],"in":[70,198],"defining":[71],"SOC\u2019s":[73,101],"objectives":[74],"scope,":[76],"selecting":[77],"appropriate":[78],"technologies,":[79],"recruiting":[80],"skilled":[81],"professionals,":[83],"developing":[85],"processes":[86],"throughout":[87],"SOC":[89,128,142,149],"lifecycle.":[90],"aims":[93],"provide":[95],"comprehensive":[97],"understanding":[98],"threat":[102],"detection":[103,158],"use":[106,150],"cases.":[107],"It":[108],"also":[109],"highlights":[110],"importance":[112],"choosing":[114],"technologies":[115],"that":[116,195],"integrate":[117],"seamlessly":[118],"with":[119,167],"existing":[120,181],"IT":[121,182],"infrastructure":[122],"ensure":[124],"broad":[125],"coverage":[126,152],"activities.":[129],"Furthermore,":[130],"this":[131,189],"offers":[133],"actionable":[134],"insights":[135],"looking":[138],"enhance":[140],"their":[141],"capabilities,":[143],"including":[144],"technical":[146],"overview":[147],"case":[151],"gap":[155],"assessment":[156,161],"rules.":[159],"is":[162],"based":[163],"on":[164],"an":[165,173],"alignment":[166],"MITRE":[169],"ATT&CK":[170],"framework":[171],"analysis":[174],"events":[176],"generated":[177],"by":[178],"company\u2019s":[180],"devices":[183],"products.":[185],"findings":[187],"from":[188],"research":[190],"elucidate":[191],"indispensable":[193],"role":[194],"SOCs":[196],"play":[197],"bolstering":[199],"organizational":[200],"resilience.":[203]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":7}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}
