This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About ocohen
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About ocohen
01-31-2023
12Posts
3Likes
0Solutions
Jan 31, 2023Last Visited
User
Activity
User
Profile
Latest posts by ocohen
| Subject | Views | Posted |
|---|---|---|
| 4357 | 05-11-2021 02:26 PM | |
| 4527 | 05-11-2021 03:15 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 3 Likes | 05-11-2021 03:15 AM |
User Badges
Community Statistics
| Member Since | 02-27-2021 10:48 PM |
| Date Last Visited | 01-31-2023 04:13 PM |
| Posts | 12 |
| Total Likes Received | 3 |
09-09-2022
03:05 PM
Is there a list of these published somewhere? With Analytics, Analytics BIOC, and BIOCs there are published lists that enable us to pre-classify the alerts in XSOAR. So far I have not found a list of BTP rules which has caused some FP or FN when choosing to automatically isolate via XSOAR because we don't know ahead of time what rules are going to come through. For example, there are BIOCs for DCSync attacks which trigger isolation but there is also at least one BTP rule for DCSync which we did not know about so isolation was not activated.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks