1. Bidou R, Bourgeois J, Spies F (2004) Towards a global security architecture for intrusion detection and reaction management. In: Information security applications, vol 2908. Springer Berlin Heidelberg, Berlin/Heidelberg, pp 111–123

2. Crowley C, Pescatore J (2019) Common and best practices for security operations centers: results of the 2019 SOC survey, SANS Institute. Available online at https://www.sans.org/media/analyst-program/common-practices-security-operations-centers-results-2019-soc-survey-39060.pdf

3. Dietz M, Vielberth M, Pernul G (2020) Integrating digital twin security simulations in the security operations center. In: Proceedings of the 15th international conference on Availability, Reliability and Security (ARES). ACM, pp 1–9

4. Kelley D, Moritz R (2006) Best practices for building a security operations center. Inf Syst Secur 14(6):27–32

5. Madani A, Rezayi, S, Gharaee, H (2011) Log management comprehensive architecture in Security Operation Center (SOC), 2011 International Conference on Computational Aspects of Social Networks (CASoN), Salamanca, pp 284–289