Manage A Remote SOC: Shift Management Tips

For many of us these past few weeks, a day in the office has taken on a whole new meaning and work “colleagues” may now include kids, spouses and pets. As you and your team juggle the realities of working from home with operating a SOC remotely, we want to offer new Cortex XSOAR features, playbooks and best practices to help ease your transition to this new work reality.

This is part of a series of blogs of tips and tools that can be easily deployed with minimum impact – to help you optimize your SOC operations, ramp up support for a remote workforce and ensure your business is secured.

 

Shift Management for Security Analysts

As a SOC manager, you need to maintain the right balance of on-call analysts for maximum productivity and coverage. With a virtual team, it is especially critical to have visibility into team availability so staffing gaps can be resolved quickly. 

Our shift management feature helps you define multiple shifts within Cortex XSOAR. Each shift can be assigned to a user role so you are able to assign one or more analysts across different shifts throughout the day or week. With this feature integrated into Cortex XSOAR, incidents can be routed automatically to analysts based on shifts, workload and machine learning recommendations, ensuring full staff coverage for incoming incidents. 

This screenshots shows an example of how the shift management feature functions in Cortex XSOAR 5.5.

Watch our five-minute video on this feature, “Cortex XSOAR Remote SOC Shift Management.” Shift management will be available in the next bi-weekly content release for Cortex XSOAR 5.5.

 

Turbocharge Your Remote SOC Operations 

If you are new to Cortex XSOAR, we encourage you to take it for a test drive, and feel free to kick the tires while you are at it.  Sign up for the free Community Edition of Cortex XSOAR today.

We hope you enjoyed learning about shift management in Cortex XSOAR. Join us again next week to learn how you can better monitor remote user activity in the next post in our series on the remote SOC.

The free Cortex XSOAR Community Edition is helping more than 4,000 users accelerate incident response.