Incident Response, SIEM, SOC Playbook Quick Reference
This digital copy of the Incident Response, SIEM, SOC Playbook Quick Reference is a handbook for blue team/SOC/Security Team/Digital Forensics and Incident Response (DFIR).
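SOC stands for Security Operations Center. It is a centralized facility or team responsible for monitoring, detecting, analyzing, and responding to security incidents within an organization's IT infrastructure. The SOC's primary function is to ensure the confidentiality, integrity, and availability of the organization's information assets by proactively identifying and mitigating security threats and vulnerabilities.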
This Splunk enhancement add-on pack provides additional normalization and CIM mapping for the original apps. These enhancements are based on best practices and can therefore improve the Splunk detection ratio and enable more effective investigation for the SOC team.
This Splunk Security Detection Correlation Rule and Dashboard pack contains Splunk correlation rules and dashboards developed by our team. None of the correlation rules overlap with Splunk Enterprise Security, Splunk Security Essentials, or Splunk ES Content Update.