Updated specific locations to be searchable, take a look at Las Vegas as an example.

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

3
Is email confirmation enough for SOC investigations?
Post Flair (click to view more posts with a particular flair)
Concepts
Post Body

I've worked at multiple places and often times when there is suspicious activities e.g. a user was found download from multiple s3 buckets (which is more security intelligence) vs a user was found downloading pentest tools (more malicious), the SOC team just confirms it via email or teams/slack etc. is this enough? If I had compromise then user, i would just fake these messages. Ofc if the attacker could only access s3, these confirmation would help, but email/teams validation seems like it's not enough.

My question is when is it not enough, some examples would be great, and general thoughts.

Edit: tickets are raised, the question is more on confirming the activities by the user

Author
Account Strength
70%
Account Age
3 years
Verified Email
Yes
Verified Flair
No
Total Karma
783
Link Karma
397
Comment Karma
274
Profile updated: 5 days ago
VertigoRoll

Subreddit

r/AskNetsec

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
4 months ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/AskNetsec/c...