Rules vs. Reasoning in the Security Ops Center

For the last 15 years, Security Ops Centers have been using rules (that is, Boolean logic) to describe, in terms of the logs collected into their SIEM solutions, situations that look like an attack. As an industry-wide standard practice, the intent is to reduce the volume of events to a reasonable level so that a human can effectively analyze them.
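As an added illustration (not code from the original post), here is the kind of rule described above: a brute-force login detection written as Boolean conditions over constructed sample log lines, with a fixed failure threshold and time window. The log format, the threshold of five failures and the two-minute window are assumptions chosen for the example.

```python
# Added example: a SIEM-style correlation rule expressed as Boolean conditions.
# The log lines below are constructed for the example, not real data.
import re
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2024-03-01T10:00:01 auth sshd: Failed password for admin from 198.51.100.7
2024-03-01T10:00:03 auth sshd: Failed password for admin from 198.51.100.7
2024-03-01T10:00:05 auth sshd: Failed password for admin from 198.51.100.7
2024-03-01T10:00:07 auth sshd: Failed password for admin from 198.51.100.7
2024-03-01T10:00:09 auth sshd: Failed password for admin from 198.51.100.7
2024-03-01T10:00:12 auth sshd: Accepted password for admin from 198.51.100.7
2024-03-01T10:05:00 auth sshd: Failed password for bob from 203.0.113.9
2024-03-01T10:30:00 auth sshd: Accepted password for bob from 203.0.113.9
2024-03-01T11:00:00 auth sshd: Failed password for eve from 192.0.2.4
2024-03-01T11:00:02 auth sshd: Failed password for eve from 192.0.2.4
2024-03-01T11:00:04 auth sshd: Accepted password for eve from 192.0.2.4
"""

LINE_RE = re.compile(r"^(\S+) auth sshd: (Failed|Accepted) password for (\S+) from (\S+)$")

def parse(log_text):
    """Turn raw lines into (timestamp, outcome, user, source) events."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, outcome, user, src = m.groups()
            events.append((datetime.fromisoformat(ts), outcome, user, src))
    return events

def brute_force_rule(events, threshold=5, window=timedelta(minutes=2)):
    """Boolean rule: at least `threshold` failures from one source, followed by
    a success from the same source, all within `window`. Returns alerts raised."""
    failures = defaultdict(list)   # source -> timestamps of recent failures
    alerts = []
    for ts, outcome, user, src in sorted(events):
        # drop failures that have fallen outside the sliding window
        failures[src] = [t for t in failures[src] if ts - t <= window]
        if outcome == "Failed":
            failures[src].append(ts)
        elif len(failures[src]) >= threshold:   # success after enough failures
            alerts.append((src, user, ts))
            failures[src].clear()
    return alerts
```

Eleven raw events collapse to a single alert, which is the volume reduction the rule exists for; the two-failure sequence for `eve` only surfaces if the threshold is lowered, which is the brittleness that motivates looking beyond fixed rules.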

Highlights From Voice Of The Security Analyst Study [Infographic]

Respond Software commissioned the Cyentia Institute, led by founder Wade Baker, to research the tasks conducted in the modern Security Operations Center (SOC). This new report, The Voice of the Analyst Study, focuses on the human side of the SOC/CIRT to build understanding, share insight, and ultimately empower teams to be the best they can be.