Blueshift Managed Security Operations Center (SOC) is a 24/7 managed security service hosted on AWS East/West infrastructure. It is staffed by U.S.-based, background-checked analysts who monitor, investigate, and respond to security events across customer environments. The SOC operates as a virtual, zero-trust environment accessible from anywhere, secured via 2FA VPN, ED25519 key exchanges, and hardware OTP keys. Analysts monitor alerts aggregated from Blueshift's XDR platform, covering network events, cloud events, agent events, vulnerability events, and integration events. Key operational aspects include: - Continuous hands-on monitoring by human analysts (not solely automated systems) - 24/7 threat hunting across the full Blueshift XDR platform - Incident response using the OODA (Observe, Orient, Decide, Act) model for faster decision-making - Customer notification with recommended remediation instructions when anomalies are detected - Forensic investigations and isolation actions taken by SOC analysts before customer notification - DevOps engineers embedded alongside analysts for real-time response to detected anomalies - Complimentary consultation and regular cybersecurity advisory meetings - Automated reporting on organizational cybersecurity posture The SOC follows a Monitor → Detect → Respond workflow and supports compliance frameworks including CMMC 2.0, GDPR, HIPAA, FFEIC, and GLBA.