When you ingest alerts, what is your process of handling them? I’ve been in places that have had a strictly manual process, some that have had playbooks to guide analysts, etc I’m surprised by how little automation happens in this space. Most of the resistance I’ve seen is the feeling that having …

How do you weed through your alerts?

Emmaf Split this topic December 13, 2017, 2:37pm 2

5 posts were split to a new topic: Automating phishing

Topic		Replies	Views
Would like to automate more stuff Incident response	4	2268	August 7, 2018
False positive SIEM alerts Triage	1	1502	November 12, 2018
How many SOC Analysts SecOps	3	2138	February 4, 2019
New to SOAR: Q & A Tools	0	2303	August 20, 2018
Hello from Northeast Ohio Welcome & announcements introduction	6	1760	July 10, 2019