Tag: AI
-
Closing the Loop: From Threat Modeling to SOC Operations
Security teams often treat threat modeling, detection engineering, and SOC operations as distinct silos. Threat modeling outputs get documented but rarely reach the SOC. SOC engineers build detections but often without context of business priorities. And SOC operations fight daily battles without clear alignment to threat models or crown jewels. This fragmentation creates what I…
-
Detection-First SIEM: Rule Types, Dashboards, and Strategic Visibility
“You can collect all the logs in the world, but if you can’t detect, you’re just archiving risk.” Modern SIEMs aren’t just log aggregators—they are the analytical backbone of security operations. But to unlock their value, you need more than ingestion and alerts. You need detection-first thinking. This post outlines the real strategy behind detection-first…
-
A quick review on SOAR platforms
Introduction: In recent years, security operations teams have been inundated with a deluge of security alerts and incidents that are difficult to manage and resolve efficiently. As a result, organizations are increasingly turning to Security Orchestration, Automation and Response (SOAR) platforms to help them streamline their security operations and improve their response times. In this…
ReZaAdineH 