Incident Response, SIEM, SOC Playbook Quick Reference
This digital copy of the Incident Response, SIEM, SOC Playbook Quick Reference is a handbook for blue teams, SOC and security teams, and Digital Forensics and Incident Response (DFIR).
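SIEM stands for Security Information and Event Management. A SIEM solution is a software platform or system that combines Security Information Management (SIM) and Security Event Management (SEM) capabilities to analyze and correlate, in real time, security events and logs from various sources within an organization's IT infrastructure.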
This Splunk enhancement add-on pack provides additional normalization and CIM mapping for the original apps. These enhancements are based on best practices and can therefore improve the Splunk detection ratio and make investigation more effective for the SOC team.
This Splunk Security Detection Correlation Rule and Dashboard pack contains Splunk correlation rules and dashboards developed by our team. None of the correlation rules overlap with Splunk Enterprise Security, Splunk Security Essentials, or Splunk ES Content Update.