Nov. 16, 2023, 10:28 a.m. | /u/whatamidoinghere009


I'm a SOC analyst and I've been tasked with reporting on the alerts our SOC team is receiving.

Our infosec team has an app called Varonis which has all these monitoring rules in place.

I'm doing a 90-day audit of the alerts that come from this app. We've gotten ~2000 alerts in 90 days and not a single one seems to have been a real attack, unless we just suck and are currently pwned.

One specific monitoring rule is …
