SIEM Report to SOC | Voters

SIEM Report to SOC

under review

Christopher Culligan

It would be nice to have the ability to submit SIEM logs to the SOC for review in the event it was missed by AI or Human the first time.

July 16, 2024

tim.bixley@itpartners.co.nz

Yes, this would be great

rodrigo otoya

Yes please, i will love to see huntress becoming a trully MXDR ( SIEM, EDR, ITDR, SOAR..)

Chris Bisnett

marked this post as

under review

Chris Bisnett

I like this idea! We don’t yet have a workflow for this type of interaction with the SOC, but this sounds really interesting as long as it doesn’t get out of hand. We don’t want our SOC chasing ghosts, but this would be a much better experience than having to send an email to support and try to relay the data through them.

Christopher Culligan

Chris Bisnett I agree and i believe users should also list a reason why they believe the SOC should review the selected logs. Might even have the AI go through it first and doing a criticality rating.