Have you tried Google Chronicle? What's your opinion about it?
Hi SOC analysts and other infosec professionals,
Which standard or custom method do you use to decide on alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight "alert fatigue"?
What are your methods to automate Azure Sentinel content deployment?
Are you adopting a Detection-as-Code approach? What main challenges have you faced? Thank you in advance!