Cookie Consent by Free Privacy Policy website

Measuring capability maturity

in Security Operations Centers

Measure Capability & Maturity

The SOC-CMM provides you with the ability to measure your SOCs capability and maturity

more details...

Measure across 5 domains

Measure maturity across 5 domains and technical capability across 2 domains

more details...

Based on solid research

The SOC-CMM is based on solid scientific research with a strong focus on usability and applicability in practice

more details...


Assessing the SOC against a cybersecurity framework or CMM can be a very powerful way to look holistically at SOC capabilities. [...] There are open-source methodologies such as the SOC CMM, which combines a set of measures and process specifically for measuring the SOC.

MITRE - 11 Strategies of a World-class Cybersecurity Operations Center

The value of [the SOC-CMM] lies in the structuring of SOC diversity and a plethora of methods. Thereby, [the SOC-CMM] provides a means to determine the added value of a SOC to the organisation and whether or not the investment in the SOC is acceptable.

JBISA Award - Jury verdict

The maturity level of a SOC can be established with the help of the SOC-CMM - the SOC Capability & Maturity Model. The principles in this model can also serve as the starting point for a roadmap or as a checklist for building a SOC.

NCSC - Factsheet on Security Operations Centers

The best freely available audit tool for SOC maturity is the SOC-CMM. It provides basic and advanced audit spreadsheets to allow for the assessment of your SOC. The download and use is free. [...] The [SOC-CMM] covers extensive checks for the existence of technology, capability, training programs, etc.

Christopher Crowley - Instructor SANS Course MGT517:Managing Security Operations

When designing processes and workflows, the human parameters of SIM3, the ENISA CSIRT maturity assessment model and the SOC capability and maturity model (SOC-CMM) might be relevant tools for validating their completeness and coverage.

ENISA Report - How to set up CSIRT and SOC - Good practice guide

Download the SOC-CMM self-assessment now!

Click the button below to proceed to the download section and start improving your SOC today