all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

What are your best False Positive SIEM tips to save juniors time?

Add to bookmarks
Sept. 21, 2022, 12:03 a.m. | /u/PhoenixOfStyx

cybersecurity www.reddit.com

Ended up wasting a solid, like 3 months of bruteforce alerts before I realized that they were all due to password changes and subsequent sync issues.

What kinds of false positives have you seen in SIEMs that could have taken so much less time?

cybersecurity false positive siem tips

Visit resource

More from www.reddit.com / cybersecurity

Russian hackers attack Texas water facility 2 hours ago | www.reddit.com
cybersecurity
Are We Ready for a Cyber Attack on Food and Farming? : Authorities are working … 5 hours ago | www.reddit.com
agriculture attack cyber cybersecurity +9
2x Actively Exploited Cisco CVEs in Adaptive Security Compliance (ASA) & Firepower Threat Defense (FTD) 6 hours ago | www.reddit.com
actively exploited adaptive security asa cisco +15
Sr. Analyst or Engineer Role? 7 hours ago | www.reddit.com
analyst ask cybersecurity engineer +8
Ring customers get $5.6 million in privacy breach settlement 8 hours ago | www.reddit.com
breach customers cybersecurity privacy +3
Nontechnical GRC 8 hours ago | www.reddit.com
auditor aware controls cybersecurity +8
How to land a Soc Analyst L1 job? 8 hours ago | www.reddit.com
advice analyst blue certifications +10
FTC bans non competes. F yeah. 11 hours ago | www.reddit.com
bans cybersecurity ftc non
Has anyone tried SentinelOne's Purple AI? What are your thoughts on it? 11 hours ago | www.reddit.com
cybersecurity purple purple ai sentinelone +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086
View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ
View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom
View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States
View on infosec-jobs.com
View more jobs