As organisations weigh the benefits of outsourced versus in-house SOC/SIEM solutions, understanding their unique challenges and opportunities is crucial. This session will explore the limitations of third-party SIEMs, such as generic rule sets that often fail to detect critical events tailored to specific environments. We'll discuss the process of developing an in-house infrastructure, from parallel running to full deployment, and the hurdles associated with assessing it against existing solutions. We will gain insights into enhancing and enriching in-house SOC/SIEM capabilities, unlocking significant benefits, and effectively quantifying their value. This session is ideal for those looking to optimise their cybersecurity operations and make informed decisions about their infrastructure.