all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

should we write our own custom rule

Add to bookmarks
Dec. 3, 2023, 11:09 a.m. | /u/LocoBronze

cybersecurity www.reddit.com

I am currently employed as a cyber analyst, and we've recently implemented an Endpoint Detection and Response (EDR) system. Upon closer inspection, I've observed that numerous events are not being flagged as alerts.
This raises a crucial question: should I take the initiative to create custom rules to ensure these events are brought to our attention, or should I rely solely on the EDR's intrinsic capabilities to detect and classify threats?
As a potential solution, I'm contemplating the implementation of …

alerts analyst closer custom rules cyber cyber analyst cybersecurity detection detection and response edr endpoint endpoint detection endpoint detection and response events flagged initiative inspection own question response rules system

Visit resource

More from www.reddit.com / cybersecurity

Need to vent. Mantrap to be used as auxiliary office… 6 hours ago | www.reddit.com
cybersecurity intern key leadership +7
Attackers Planted Millions of Imageless Repositories on Docker Hub 8 hours ago | www.reddit.com
attackers cybersecurity docker docker hub +3
Fortify SCA vs SonarQube for SAST 9 hours ago | www.reddit.com
assessment cybersecurity fortify opinion +4
Where can I find a list of vulnerabilities by software providers? 9 hours ago | www.reddit.com
alerts breaches can cve +22
AI Code Assistants and Cybersecurity Risk: 3 Recent Findings 10 hours ago | www.reddit.com
code cybersecurity cybersecurity risk findings +1
London Drugs stores remain closed after 'cybersecurity incident' 10 hours ago | www.reddit.com
cybersecurity cybersecurity incident drugs incident +2
Another major pharmacy chain shuts following possible cyberattack 13 hours ago | www.reddit.com
cyberattack cybersecurity major pharmacy
Cyber security career progression hive-mind 21 hours ago | www.reddit.com
america career career progression coming +6
Tryhack me and HTB 23 hours ago | www.reddit.com
advice cybersec cybersecurity experience +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs