Philosophical questions about SIEM and SOAR
Aug. 25, 2023, 4:30 p.m. | /u/ArtichokeHorror7
cybersecurity www.reddit.com
- Using SOAR to get rid of alerts generated by bad detection
- Not incorporating all the SOAR capabilities
If just one active check against an API can close the alert with 100% confidence vs 99% using an exclusion in the SIEM, is it still worth it?
When will the performance be a factor?
What are the key metrics in SOAR to identify a bad detection?