One such constraint is that we can't keep all of our logs in one place. Our massive log volume imposed further constraints of its own. Apart from building detections to track suspicious behavior and triaging incidents, we also spend large chunks of our time triaging false-positive alerts and building context around individual alerts. As a result, any way to automate the triage process or make it more efficient was appealing, because time spent on triage is time not spent hunting for attackers.