In a previous blog post, I described tuning as the key to reducing alert fatigue, not SOAR. You can find that article here: Alert Fatigue. Tuning isn’t easy, and this post will only talk about half of the process. When you look up the word tuning, you will find the definition of “to adjust for…
Month: August 2022
Alert Fatigue, Alert Fatiuge, Alert Fatigue, Alret Fatigue, Alert Fatigue
In the first post in my “Think Like An Analyst” series, I talked about slowing down. I offered a trick for doing this: the meditation practice of “body scanning.” More information can be found here: Lesson 1. In theory, it’s a great way of tackling an alert, but in some ways, it’s not real…
The Metrics Manifesto – Book Review
I’ve always been interested in using metrics to present a pattern and see if action could be taken from them. I’ve seen many organizations using metrics, but I can’t say I’ve seen an impact on the organization because of them. An example would be, “As you see here in the graph, phishing attempts were highest…
Lesson 1 – Slow Down
It’s Christmas morning. You wake up before everybody, run down the stairs, and beeline to the tree. You feverishly grab the closest present near you and tear it open! You realize it’s not that great, so you furiously grab the next one; this is boring too! The next and the next, unwrapping so you can…
Lesson 2 – Asking Questions
In lesson one, we learned how to observe, but the next step is to dig deeper. To dig deeper, we need to ask questions. Simply seeing the data or alert won’t get us to our conclusion. All of our questions will be driven by the six basic questions: Who? What? Where? When? Why? And How? …