SOC is the human + process side — a team that actively monitors, detects, and responds to threats. SIEM is a tool used inside the SOC that collects and correlates logs from various sources to identify suspicious behavior.