SOC-CMM certification

SOC-CMM certification

SOC-CMM certification helps SOCs to verify and show that their SOC service are of high quality and standards. The certification process uses a set of controls, derived from the SOC-CMM assessment. Using these controls, a SOC can pursue certification at one of 3 levels
- defined, where security operations are conducted in a standardised and controlled manner
- validated, where SOCs are running services that are evaluated for efficiency and effectiveness regarding detection of cyber attacks
- risk-driven, where SOCs are able to provide services that are based on actual CTI and address company risk

Certification services are delivered by authorised certification partners.

Pilot stage

Currently, SOC certification is in the final stages of the pilot. The certification program is expected to go live on October 31st. If you wish to be kept up to date of the progress of the pilot, subscribe to the SOC-CMM mailing list below.



List of certified SOCs

CountryCertification IDCompany nameCertification level 
    Netherlands   2OI2-OFKL-EI0S-98ES   Fox-IT   Risk-driven Get in touch...
    Netherlands   8YMB-S0QH-WQ3A-4XCH   Northwave   Risk-driven Get in touch...
    United Arab Emirates   C10Z-1FP6-PU3J-TR18   HelpAG   Risk-driven Get in touch...
    Brazil   FCW9-Y8S4-FJG1-IRXG   iT.eam   Risk-driven Get in touch...

SOC-CMM Mailinglist



If you wish to be informed about updates to the SOC-CMM, use the form below to sign up to the newsletter. Your email address will not be shared or used for any other purpose than information about the SOC-CMM. The SOC-CMM mailinglist is powered by MailChimp. If you do not receive an email to confirm your subscription, please check your spam folder.

* indicates required field