SIEM Report to SOC
under review
r
rodrigo otoya
Yes please, i will love to see huntress becoming a trully MXDR ( SIEM, EDR, ITDR, SOAR..)
Chris Bisnett
under review
Chris Bisnett
I like this idea! We don’t yet have a workflow for this type of interaction with the SOC, but this sounds really interesting as long as it doesn’t get out of hand. We don’t want our SOC chasing ghosts, but this would be a much better experience than having to send an email to support and try to relay the data through them.
C
Christopher Culligan
Chris Bisnett I agree and i believe users should also list a reason why they believe the SOC should review the selected logs. Might even have the AI go through it first and doing a criticality rating.