Does anyone know if Google have a list of Rules which are available in Chronicle Security and are base on which logs source.
Rules and how they works
+12- Silver 2
Not that I know of
We use SOC Prime as one source for our rule content. We had qradar previously so we recreated the rules that were getting hits. Other sources we use are purple teaming, our intel group and SOC findings. SOC Prime is a great way to stay ahead of things though.
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.