Index of /LabFiles/SOC-Security-Operations-Center/3 SOC team and SIEM

• Parent Directory
• Active Defense summary.JPG
• Categorization and Normalization - the SIEM should be capable of.JPG
• Chronological Attack Models.JPG
• Data Enrichment - at the SIEM.JPG
• Data Quality.JPG
• Decomposition - decomposition of your SOC purpose.JPG
• Decomposition - techniques for investigation.JPG
• Decomposition - techniques for triage and analysis.JPG
• Detection.JPG
• Example investigations playbook.JPG
• Filtering.JPG
• How to collect from data sources.JPG
• Management vs Leadership.JPG
• Modern Defense Mindset.JPG
• Most Important Host-Based Data.JPG
• Most Important Network-Based Data.JPG
• Most Important data sources - additional direction on key data sources.JPG
• Most Important data sources.JPG
• Options for high-volume alerts.JPG
• Parsing your logs.JPG
• Personalized Data Source assessement.JPG
• Practical Collection Issues.JPG
• Probing for technical depth.JPG
• SOAR based playbooks.JPG
• SOC Data Collection Summary.JPG
• SOC planning summary.JPG
• SOC responsibilities and capabilities.JPG
• Storage and Indexing of logs.JPG
• The ideal collection system.JPG
• Tiered vs Tierless SOC alerts triage.JPG
• collection of data.JPG
• steering committee.JPG
• what top SOC departments have in common 1.JPG
• what top SOC departments have in common 2.JPG