all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Turning Alert Fatigue into Actionable Alerts

Add to bookmarks
Nov. 4, 2022, 4:11 a.m. | /u/RedNeckHutch

cybersecurity www.reddit.com

Hey everybody, I currently am a SIEM engineer working for a MSSP. We currently leverage a multi-tenant platform that has pre-built detections that leverage machine learning. Out of the box there are around 150 ish machine learning detections. We have also create custom detections for specific TTPs and audit items. Along with a large Splunk instance.

Our team is developing alert fatigue because of the pure volume of alerts. We are only generating actionable tickets from around 20 of the …

actionable alert alert fatigue alerts cybersecurity

Visit resource

More from www.reddit.com / cybersecurity

More than 800 vulnerabilities resolved through CISA ransomware notification pilot 5 hours ago | www.reddit.com
cisa cybersecurity notification pilot +2
Top cybersecurity stories for the week of 04-22-24 to 04-26-24 5 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
Reddit down in major outage blocking access to web, mobile apps 8 hours ago | www.reddit.com
access apps blocking cybersecurity +7
Here's my article on Phishing Email Investigation: A Step-by-Step Analysis. Do read and let me … 8 hours ago | www.reddit.com
analysis article cybersecurity email +5
Secondary cysec skill? 9 hours ago | www.reddit.com
aim consultant contractor cybersecurity +9
Any ideas on how I can convince my boss to not require users to give … 12 hours ago | www.reddit.com
admin admin rights boss can +11
Encryption Keys Rotation 13 hours ago | www.reddit.com
cybersecurity data encrypted encryption +15
ArcaneDoor hackers exploit Cisco zero-days to breach govt networks 18 hours ago | www.reddit.com
arcanedoor breach cisco cybersecurity +5
Advice for imposter syndrome 18 hours ago | www.reddit.com
advice analyst ask current +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru
View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain
View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates
View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States
View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver
View on infosec-jobs.com
View more jobs