These resources are intended to guide a SIEM team to…
- Develop a workflow for content creation (and retirement) in the SIEM and other security tools.
- Illustrate detection coverage provided and highlight coverage gaps as goals to fill.
- Eliminate or add additional layers of coverage based on organizational needs.
- Ensure proper logs are generated and recorded for sufficient detection, investigation, and compliance.