Try our new research platform with insights from 80,000+ expert users

Badges

120 Points
5 Years
Top 20

User Activity

Almost 2 years ago
Over 4 years ago
You can not process and generate advanced correlated alerts without aggregation: limiting your correlation to one set of source will let your SIEM blind and unaware of global context So yes, to get an 'EFFECTIVE' event monitoring with the goal to correlate them, you need to…
Over 4 years ago
Yes I would recommend to evaluate it side by side with others as the admin to establish correlation rules and configuration is a bit less intuitive than some competitors, but the SOC analyst interface IS very intuitive, and it’s where you will spend most of your time once…