Detection Engineering and SOC Scalability Challenges (Part 2)
Anton on Security
SEPTEMBER 21, 2023
despite “output-driven SIEM” concept having been invented before 2012 (to be honest, I stole the idea from a Vigilant consultant back in 2012). Note that some of the rules/content may be created by the tool vendor while the rest is created by the customer. What data do we collect?” tends to predate “what do we actually want to do?”
Let's personalize your content