This post has been de-listed
It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.
8
How to enhance the Security Operations (SIEM&SOAR?
Post Flair (click to view more posts with a particular flair)
Post Body
At our organization, we're currently using Managed XDR from Sophos, which includes Sophos EDR ( endpoints and server), Cloud App Security for O365, and NDR. We lack the following
- We don't have an in-house SOC team or any SOC analysts or SOC as a service either.
- We don't have a SIEM system in place to aggregate and analyze logs from various sources like firewalls, network switches, CCTV, etc. Since, EDR/XDR is covering only endpoints and servers, we lack security logs visibility from other sources
- We also lack a SOAR solution to automate the responses to the alerts generated from the SIEM
Given this context, what would you all recommend to fill in those gaps?
Author
Account Strength
90%
Account Age
4 years
Verified Email
Yes
Verified Flair
No
Total Karma
1,879
Link Karma
1,311
Comment Karma
123
Profile updated: 3 days ago
Subreddit
Post Details
We try to extract some basic information from the post title. This is not
always successful or accurate, please use your best judgement and compare
these values to the post title and body for confirmation.
- Posted
- 11 months ago
- Reddit URL
- View post on reddit.com
- External URL
- reddit.com/r/AskNetsec/c...