SAUSAGE, the SOC Assistant for Useful Service and Greater Experience

SAUSAGE is a SOC procurement framework to:

SAUSAGE was developed using multiple references from academia, ENISA, FIRST, SANS and others.

SAUSAGE Framework

Mission and Services

The SOC must provide added value to the organisation.

Security events and incidents

Security event analysis: the SOC manages and triages security events

Incident handling: the SOC manages security incidents after triage. This is usually done for low-risk incidents

Forensics: the SOC looks for the root causes of security incidents

Threat management

Threat intelligence: the SOC produces threat intelligence to alert on the threat exposure of the assets in scope

Threat hunting: the SOC attempts to discover live threats in the assets in scope from known indicators, artefacts or TTPs