Where to Spend Your Time

Areas important to SOC Operations

Endpoint Security

Visão geral das detecções
Fila de incidentes
Fila de detecções
Regex Rules
Whitelisting
Hashes, IPs, Domains

Investigate

CQL Searching of Raw Endpoint logs
IP, hash, domain, user quick lookups
Reports, Event searches, Prebuilt dashboards for hunting, host timelines, etc.

PreviousCrowdStrike Falcon NextTriaging a Detection

Last updated 13 days ago