all InfoSec news
Should SOC monitor WAF alerts?
March 28, 2024, 4:38 p.m. | /u/Aleduc_
cybersecurity www.reddit.com
My management has decided that the SOC (me) should monitor WAF alerts in our SIEM (?). I just don't see the point or what can be done:
\- either the traffic has been blocked by the WAF and then no action is required
\- either the traffic went through, and if it is illegitimate, that means the WAF needs improvement, so then no monitoring action to take
Am I missing something?
action alerts blocked can cybersecurity don management monitor point siem soc traffic waf
More from www.reddit.com / cybersecurity
Picking your sources of IoC
1 day, 6 hours ago |
www.reddit.com
Are password requirements useless?
1 day, 6 hours ago |
www.reddit.com
Upcoming conferences for 2024?
1 day, 7 hours ago |
www.reddit.com
How does a processor execute encrypted binaries.
1 day, 8 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg
@ Hifield | Strasbourg, France
Lead Security Specialist
@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas
Consultant SOC / CERT H/F
@ Hifield | Sèvres, France