The main objective of a Security Operation Center is to identify attack scenarios based on the analysis of events and flows received from the IT infrastructure. 
Thanks to our "Attacker Centric" approach, the SOC of Würth Phoenix, which is active 24/7, is able to integrate the step of Reconnaissance, fully replicating it within our Threat Intelligence platform SATAYO.
The key feature of the Attacker Centric SOC is to have a RED TEAM, able to exactly simulate the tactics, techniques and procedures (TTP) used by cyber attackers, and a BLUE TEAM, able to write the detection rules necessary to identify such attacks.