Incident Response, SIEM, SOC Playbook Quick reference
This digital copy of Incident Response, SIEM, SOC Playbook Quick reference is a handbook for blue team, SOC, security team, and Digital Forensics and Incident Response (DFIR) practitioners.
SOC stands for Security Operations Center. It is a centralized facility or team responsible for monitoring, detecting, analyzing, and responding to security incidents in an organization’s IT infrastructure. The primary function of a SOC is to ensure the confidentiality, integrity, and availability of the organization’s information assets by proactively identifying and mitigating security threats and vulnerabilities.
This Splunk enhancement add-on pack provides additional normalization and CIM (Common Information Model) mapping on top of the original apps. These enhancements follow best practices and can therefore improve Splunk's detection rate and enable more effective investigation by the SOC team.
This Splunk Security Detection Correlation Rule and Dashboard pack contains Splunk correlation rules and dashboards developed by our team. None of the correlation rules overlap with those shipped in Splunk Enterprise Security, Splunk Security Essentials, or the Splunk ES Content Update.