How to Build a SOC on a Budget

During the last decade, many security-aware organizations have built a Security Operations Center (SOC) which refers to security tools and a team of security personnel using these tools according to predefined procedures. However, creating an organizational SOC can involve a significant investment into hardware and software, and setting up a SOC can be a complex and lengthy process. Although SOC related issues have received a considerable amount of attention in recent academic literature, there are very few recommendations on how to build a SOC in a cost-efficient and scalable way with open-source and free solutions. This paper fills this gap and describes the use-case of a SOC in an academic organization, with the main emphasis being on technical details and implementation recommendations.