The Security Operations team provides and operates the tactical and functional tools of cybersecurity in an organized approach to identify, protect, respond, and mitigate cyber-security threats for UCLA. Consisting of three major functional roles—Incident Response, Threat Hunting and Testing, and Security Engineering—the team works with multiple departments to deploy, configure, and consume security services to protect the organization.
- Our Incident Response team provides an organized approach to address and manage the aftermath of potential cyber-security related incidents and events. Incident Response formalizes the response process by assisting in identification, recording, and analysis of cyber security threats in real-time. The team also provides guidance and assistance when necessary in recovering from an event.
- Our Threat Hunting and Testing team provide security oversight in the monitoring, discovery, and prioritization of threats throughout the campus. The team is part of a continuous cycle focused on improving security and proactively. minimizing the security risk of UCLA assets.
- Our Security Engineering and Services team help to deploy and manage enterprise security tools utilized by the organization. Working with multiple departments, they assist in the support and integration of these tools into each unit’s respective environment.