
In cybersecurity, you receive intelligence from several sources, such as logs, alerts generated by the appliances in the network, and external threat intelligence providers.
At the end of the day, you need actionable intelligence, for example “File abc.exe on XYZ system is malicious, and the recommended action is to remove the file” or “The recommended action is to block, on your firewall, the specific IP addresses that are sending malicious requests to your web server”.
The security team needs actionable intelligence like the examples above. However, creating a set of actionable intelligence feeds is time-consuming and requires expertise from a security analyst. You also need absolute clarity on what the true positives and false positives are.
What is the simple process to follow?