Closed Intrusionist closed 4 years ago
@Intrusionist this is great - thanks for the submission! We'll review it and merge it in shortly.
Looks good! I reverted a few changes to CAR-2014-03-001 since I think they were unnecessary. Otherwise, merging in the rest.
DNIF is a first-of-its-kind, next-gen SIEM solution with advanced security analytics and response automation. It’s built on a big data analytics platform for real-time threat detection and response. It provides SOAR, UEBA, security analytics, threat hunting and security data lake solutions on a single platform to promote process efficiency, manageability and reduced risks.
DQL is a query language which is used for fetching logs.
We've written DQL queries for the detection.