Hey SecOps SIEM enthusiasts. We just published a part 1 of two part series blog about detecting impossible travel using SecOps SIEM. It dives into implementing detection methods using custom YARA-L Detection rule, leveraging GeoSpatial and GeoIP enrichment. Check it out here.
Part 2 SecOps SOAR coming next week.
If you haven't seen it already, we just released the Part 2 blog in this series, where we take the next step and focus on building an associated SecOps SOAR Playbook to provide security analysts with an actionable alert. Check it out here.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.