June 30, 2020
SoC SIEM Use Cases
Use cases are critical to identifying the early, middle, and end-stage operations of the adversary. A small abnormal event can be a clue to a larger attack. There also needs to be a playbook on how to respond.

What are Use Cases

A use case can be a technical rule or condition applied to logs that are ingested into the SIEM. E.g. – […]