IT Central Station is now PeerSpot: Here's why

Badges

55 Points
3 Years

User Activity

9 months ago
@Evgeny Belenky yeah, "alert fatigue" is also a consequence of the human factor.  Without a continuous process of SOC software configuration, SOC will face this "alert fatigue" issue.  One more thing is gaps between different parts of the SOC team. Multi-experts are…
9 months ago
SOC is the heart of your infrastructure security, a centralized system management mechanism, a collaboration of people and software. It is designed to detect anomalies, highlight real threats in them, and respond to these threats appropriately. SOC has a complex structure…
About 2 years ago
Try Open Threat Exchange otx.alienvault.com The best one, and now researchers from AlienVault is a part of AT&T, so they have really great data sources and expertise in Threat hunting.
About 2 years ago
TLDR: SIEM: Security information management: Long-term storage as well as analysis and reporting of log data. Security event manager: Real-time monitoring, correlation of events, notifications, and console views. SOAR: SIEM + Threat Intelligence (IoC's, AI, etc),…
Over 2 years ago
In general, you will have the same problems with any software for log analysis in DHCP environments. But you can use FQDN and can also install agents on assets with dynamic IP. But really, you will have some difficulties with asset and vulnerability management. Try to…
Almost 3 years ago
Contributed a review of AlienVault OSSIM: Integration with OTX enables us to see which IPs are malicious
Over 3 years ago
Contributed a review of AT&T AlienVault USM: Easy to deploy and flexible enough to create your own plugins

Reviews

Answers

9 months ago
IT Alerting and Incident Management
About 2 years ago
Threat Intelligence Platforms
About 2 years ago
Security Information and Event Management (SIEM)