all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Philosophical questions about SIEM and SOAR

Add to bookmarks
Aug. 25, 2023, 4:30 p.m. | /u/ArtichokeHorror7

cybersecurity www.reddit.com

Where would you put the line between:

\- Using SOAR to get rid of alerts generated by bad detection

\- Not incorporating all the SOAR capabilities



If just one active check against an API can close the alert with 100% confidence vs 99% using an exclusion in the SIEM, does it still worth it?

When will the performance be a factor?

What are the key metrics in SOAR to identify a bad detection?

alert alerts api bad capabilities check cybersecurity detection generated questions rid siem soar

Visit resource

More from www.reddit.com / cybersecurity

For those actively in the job market and having trouble, what specifically is the hardest … 5 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 6 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3
Creating a breach search website? 11 hours ago | www.reddit.com
breach breached breaches companies +11
Is it normal to see your tools lie? 12 hours ago | www.reddit.com
alert cybersecurity dig expect +10
Remediation Timelines for different types of Network Devices 12 hours ago | www.reddit.com
best practices business business continuity challenges +16
Need to vent. Mantrap to be used as auxiliary office… 16 hours ago | www.reddit.com
cybersecurity intern key leadership +7
DNS + Webfiltering solution(s) 16 hours ago | www.reddit.com
cybersecurity dns don love +8
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks 17 hours ago | www.reddit.com
compromised cybercriminals cybersecurity nation +6
Attackers Planted Millions of Imageless Repositories on Docker Hub 18 hours ago | www.reddit.com
attackers cybersecurity docker docker hub +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs