Why is a SOC important for an organization? What are the main challenges of the modern SOC?
Hi SOC analysts and other infosec professionals,
Which standard/custom method do you use to decide on alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight "alert fatigue"?
Hi dear community,
Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook?
Do SOAR solutions come with a pre-defined playbook as a starting point?