Do You Trust Your SIEM?
Anton on Security
OCTOBER 21, 2021
you trust the SIEM to map the events to the correct category and not to confuse “password guessing” with “logon failure” or whatever You then trust that the detection logic (rules) is written correctly so that nobody mistyped “context.asset.vulnerability.severity” as “asset.context.vulnerability.severity” in a rule they wrote.
Let's personalize your content