Web: https://www.reddit.com/r/cybersecurity/comments/xjoygw/what_are_your_best_false_positive_siem_tips_to/

Sept. 21, 2022, 12:03 a.m. | /u/PhoenixOfStyx

cybersecurity reddit.com

Ended up wasting, like, a solid 3 months on brute-force alerts before I realized that they were all due to password changes and subsequent sync issues.

What kinds of false positives have you seen in SIEMs that could have taken so much less time?

cybersecurity false positive siem tips
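One way to turn the lesson in the post into a rule, as an added example that is not code from the thread or from any particular SIEM: before raising a brute-force alert for an account, check whether the account's password was changed shortly before the failures began and whether the failures come from only a handful of sources (the user's own devices or a sync service still holding the old credential). The event schema, the thresholds, the constants `THRESHOLD`, `WINDOW`, `LOOKBACK` and `MAX_SOURCES`, and the sample events are all assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed sample events for illustration; not real SIEM output.
# Each record is (ISO timestamp, event type, user, source). Times are UTC.
SAMPLE_EVENTS = [
    # alice changes her password, then her laptop and a mail sync keep retrying the old one
    ("2022-09-20T09:00:00", "password_change", "alice", "idp"),
    ("2022-09-20T09:05:00", "auth_failure", "alice", "laptop-alice"),
    ("2022-09-20T09:06:00", "auth_failure", "alice", "laptop-alice"),
    ("2022-09-20T09:07:00", "auth_failure", "alice", "laptop-alice"),
    ("2022-09-20T09:08:00", "auth_failure", "alice", "mail-sync-01"),
    ("2022-09-20T09:09:00", "auth_failure", "alice", "laptop-alice"),
    ("2022-09-20T09:10:00", "auth_failure", "alice", "mail-sync-01"),
    # bob: no password change, failures spread over five sources
    ("2022-09-20T09:05:00", "auth_failure", "bob", "203.0.113.10"),
    ("2022-09-20T09:05:10", "auth_failure", "bob", "203.0.113.11"),
    ("2022-09-20T09:05:20", "auth_failure", "bob", "203.0.113.12"),
    ("2022-09-20T09:05:30", "auth_failure", "bob", "203.0.113.13"),
    ("2022-09-20T09:05:40", "auth_failure", "bob", "203.0.113.14"),
    # carol: changed her password, but the failures come from many sources,
    # so the change does not explain them and the alert must stand
    ("2022-09-20T08:30:00", "password_change", "carol", "idp"),
    ("2022-09-20T09:05:00", "auth_failure", "carol", "198.51.100.1"),
    ("2022-09-20T09:05:05", "auth_failure", "carol", "198.51.100.2"),
    ("2022-09-20T09:05:10", "auth_failure", "carol", "198.51.100.3"),
    ("2022-09-20T09:05:15", "auth_failure", "carol", "198.51.100.4"),
    ("2022-09-20T09:05:20", "auth_failure", "carol", "198.51.100.5"),
    # dave: a couple of failures, below the threshold
    ("2022-09-20T09:05:00", "auth_failure", "dave", "laptop-dave"),
    ("2022-09-20T09:06:00", "auth_failure", "dave", "laptop-dave"),
]

# Assumed tuning values; a real deployment would set these per environment.
THRESHOLD = 5                    # failures that make a burst
WINDOW = timedelta(minutes=10)   # the burst must fit inside this span
LOOKBACK = timedelta(hours=24)   # a password change this recent may explain the burst
MAX_SOURCES = 2                  # stale-credential retries come from few hosts


def _parse(events):
    """Convert timestamps to datetime and sort chronologically."""
    rows = [(datetime.fromisoformat(t), ev, user, src) for t, ev, user, src in events]
    rows.sort(key=lambda r: r[0])
    return rows


def find_burst(failures, threshold=THRESHOLD, window=WINDOW):
    """Return the first run of `threshold` consecutive failures that fits in `window`, else None.

    `failures` must be sorted by time (as produced by _parse).
    """
    for i in range(len(failures) - threshold + 1):
        run = failures[i:i + threshold]
        if run[-1][0] - run[0][0] <= window:
            return run
    return None


def classify(events, threshold=THRESHOLD, window=WINDOW,
             lookback=LOOKBACK, max_sources=MAX_SOURCES):
    """Map each user who has a failure burst to 'alert' or 'suppressed'.

    A burst is suppressed only when BOTH hold: the account's password was
    changed within `lookback` before the burst began, and the failures come
    from at most `max_sources` distinct sources. A distributed burst is
    reported even if a password change happened recently.
    """
    rows = _parse(events)
    verdicts = {}
    for user in sorted({r[2] for r in rows}):
        failures = [r for r in rows if r[2] == user and r[1] == "auth_failure"]
        burst = find_burst(failures, threshold, window)
        if burst is None:
            continue
        first_failure = burst[0][0]
        recent_change = any(
            r[1] == "password_change" and r[2] == user
            and first_failure - lookback <= r[0] <= first_failure
            for r in rows
        )
        sources = {r[3] for r in burst}
        if recent_change and len(sources) <= max_sources:
            verdicts[user] = "suppressed"
        else:
            verdicts[user] = "alert"
    return verdicts


if __name__ == "__main__":
    for user, verdict in classify(SAMPLE_EVENTS).items():
        print(f"{user}: {verdict}")
```

Both conditions are required on purpose: a recent password change alone should not silence a burst, since an attacker spraying an account does not care whether its password was rotated yesterday. The suppressed case is also better routed to a low-severity queue ("stale credential after password change, fix the sync") than dropped, because the retrying device will keep failing until someone updates it, and some identity providers will lock the account in the meantime.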
