Defensive Operation
An organization always needs to have two components of blue team services and digital forensic, in this regard, combining the two services of the blue team with forensic, (which in its job is threat hunting and incident responding) can be a very powerful approach in the field of creating a Security Operations Center (SOC), for this purpose, the management and control of defense and interception systems are undertaken by blue teams and professional monitoring of the collected data is done by the forensic and threat hunting team.