If rule writing for SIEMs isn't managed properly, it can lead to false positives and misconfigurations, which create extra work for the SOC team.



Source: DarkReading
Source Link: https://www.darkreading.com/dr-global/tel-aviv-stock-exchange-ciso-making-better-use-of-your-siem