
Badges

325 Points
6 Years
Top 5

User Activity

Over 1 year ago
Contributed a review of Tenable.io Web Application Scanning: Reasonably priced, good pricing, and reliable
Over 1 year ago
Contributed a review of Splunk Infrastructure Monitoring: Simple to install and configure with many interesting features
Over 2 years ago
- Detect unusual/suspicious logins. For example, you can count the number of failed login attempts within a given time
- Detect abnormal traffic which might indicate potential C2 traffic
- Detect attempts to access your systems/network from unusual locations / IPs
- Monitor…
Almost 3 years ago
Hi @Evgeny Belenky I think as long as you do this thing manually, you will always have to be subjective. One will always say alerts from critical assets first, setting them with higher priority. But the concept of threat intelligence will help. Threat intelligence feeds…
Almost 3 years ago
Hi @Giusel With the rise in insider threats, the idea of UEBA is becoming a must-have component in SOC. This makes it necessary to have AD users or users from any other source to be available for monitoring in SIEM platforms. RSA NWP does this and definitely many other…
About 3 years ago
Contributed a review of Splunk Enterprise Security: Efficient, scalable, robust and easy to use
About 3 years ago
Hi Giusel From my little experience, it's always good to have a good working plan on how you are going to start setting up a SOC and how you are going to gradually mature the SOC. The primary consideration is the availability of 3 components: people, technology and process.…
Over 3 years ago
Hi Rony, Playbook automates the gathering of threat intelligence from a myriad of sources of threat intelligence. Playbooks ingest alerts from tools like SIEM and scan the alerts against the threat intelligence sources like VirusTotal and others in order to get information…
Over 3 years ago
Great advice,

Reviews

Over 1 year ago
Tenable.io Web Application Scanning
Over 1 year ago
Splunk Infrastructure Monitoring
About 3 years ago
Splunk Enterprise Security

Answers

Over 2 years ago
Security Information and Event Management (SIEM)
About 3 years ago
Information Security and Risk Consulting Services
Over 3 years ago
IT Alerting and Incident Management

Comments

Over 3 years ago
Security Information and Event Management (SIEM)