-
**Describe the feature:**
Add a basic case workflow integration with third party systems in SIEM app.
- [x] A “case” document structure/schema/index using ECS fields - **Closed:** https://github…
-
-
It is not possible to talk with SOC analysts when links in the wiki are broken
https://github.com/splunk/security_content/wiki/Detection-Analytic-Types
just check "[Baseline Of Cloud Infrastructu…
-
### Request Type
Feature Request
### Problem Description
#12 is a great improvement for our preferred workflow; however, a few things can be improved:
- Custom fields can be presented in "Filters"…
-
The use cases and implementation process for this framework are not clear. I kindly ask everybody who is concerned to discuss it.
From my point of view, these "tactics and techniques" are "theoretical"…
-
Thank you for bringing this to my attention. I was just leaving work after my 100th straight day supporting yet another ransomware attack. I saw your reported CVE and my jaw literally dropped to the f…
-
### Request Type
Feature Request
### Work Environment
Feature Requests:
1 - Alert Disposition options
2 - Alert assignee
3 - Alert history
4 - Alert status
1 - Alert Disposition: It woul…
-
- What is Software Engineering and why it is needed
- Topics in Software Engineering
- Characteristics of Software
- Recent Advances in Software Engineering
-
Hey,
it is possible to include both functions regarding Drilldowns
```
action.notable.param.drilldown_name =
action.notable.param.drilldown_search =
```
**Why?**
As an analyst in a SOC…
gs3cl updated
5 months ago
-
**Describe the bug**
Incidents created in Microsoft Defender will not always have their entities mapped in Sentinel. Entities don't appear on the incident analysis screen or via KQL query.
**To Re…