When you ingest alerts, what is your process of handling them? I’ve been in places that have had a strictly manual process, some that have had playbooks to guide analysts, etc I’m surprised by how little automation happens in this space. Most of the resistance I’ve seen is the feeling that having …

How do you weed through your alerts?

Emmaf Split this topic December 13, 2017, 2:37pm 2

5 posts were split to a new topic: Automating phishing

Topic		Replies	Views
Would like to automate more stuff Incident response	4	2267	August 7, 2018
After the Webinar 3/14: Proven Threat Hunting Techniques and the Role of SOAR Events & meetups	2	1213	January 24, 2019
False positive SIEM alerts Triage	1	1502	November 12, 2018
New to automation Welcome & announcements	3	1510	June 11, 2019
DFIR & automation Forensics	4	1659	December 26, 2017