User Activity

About 14 hours ago
Hi @Evgeny Belenky, I think as long as you do this thing manually, you will always have to be subjective. One will always say alerts from critical assets first, setting them with higher priority. But the concept of threat intelligence will help. Threat intelligence feeds…
1 day ago
Hi @Giusel, With the rise in insider threats, the idea of UEBA is becoming a must-have component in SOC. This makes it necessary to have AD users or users from any other source to be available for monitoring in SIEM platforms. RSA NWP does this and definitely many other…
3 months ago
Hi Giusel, From my little experience, it's always good to have a good working plan on how you are going to start setting up a SOC and how you are going to gradually mature the SOC. The primary consideration is the availability of 3 components: people, technology and…
4 months ago
Hi Rony, Playbook automates the gathering of threat intelligence from a myriad of sources of threat intelligence. Playbooks ingest alerts from tools like SIEM and scan the alerts against the threat intelligence sources like VirusTotal and others in order to get information…
10 months ago
Great advice,