all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

What ticketing system do you use to track and correlate incidents?

Add to bookmarks
Sept. 18, 2023, 4:04 p.m. | /u/AbracaBOOYAH

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

My employer (based in the US) is wanting me to investigate moving to a ticketing system that will automatically take the IOCs and other useful intel-based information (domain registrar, registered email addresses, cert registered names, cert hashes, etc.) and tie them together.

Additional context: This is because of the US SEC ruling of having to report material breaches, and the employer wants to make sure that lots of "little attacks" over time are not part of a larger "material" breach. …

addresses blueteamsec cert context domain domain registrar email employer etc hashes incidents information intel iocs moving names registrar system ticketing track

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

DHS, CISA Announce Membership Changes to the Cyber Safety Review Board | CISA 19 hours ago | www.reddit.com
blueteamsec board cisa cyber +5
Invoke-RunAsWithCert: A PowerShell script to perform PKINIT authentication with the Windows API from a non … 23 hours ago | www.reddit.com
api authentication blueteamsec domain +8
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority 1 day, 5 hours ago | www.reddit.com
blueteamsec breaking cybersecurity down +2
Russian suspected cybercrime kingpin pleads guilty in US, TASS reports 1 day, 7 hours ago | www.reddit.com
blueteamsec cybercrime guilty pleads guilty +3
Identity Behind Massive Discord Spying Tool Revealed due to Infostealer Infection 1 day, 9 hours ago | www.reddit.com
blueteamsec discord identity infection +3
How to enforce usage of Privileged Access Workstations for Admins 2 days, 22 hours ago | www.reddit.com
access blueteamsec privileged privileged access +1
Attribution of a Russian cyber campaign The Federal Government condemns in the strongest possible terms … 3 days, 17 hours ago | www.reddit.com
actor apt28 attribution blueteamsec +14
North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts 4 days, 20 hours ago | www.reddit.com
blueteamsec dmarc exploit north +5
Investigating Microsoft Graph Activity Logs 4 days, 22 hours ago | www.reddit.com
blueteamsec graph logs microsoft

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information System Security Officer (ISSO)

@ LinQuest | Boulder, Colorado, United States
View on infosec-jobs.com

Project Manager - Security Engineering

@ MongoDB | New York City
View on infosec-jobs.com

Security Continuous Improvement Program Manager (m/f/d)

@ METRO/MAKRO | Düsseldorf, Germany
View on infosec-jobs.com

Senior JavaScript Security Engineer, Tools

@ MongoDB | New York City
View on infosec-jobs.com

Principal Platform Security Architect

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Staff Cyber Security Engineer (Emerging Platforms)

@ NBCUniversal | Englewood Cliffs, NEW JERSEY, United States
View on infosec-jobs.com
View more jobs