For those in the #SOC: Alert Triage vs Endpoint Triage
Blog post that is part of our Endpoint Triage series.
Alert triage focuses on validating and prioritizing the EDR/SIEM alert.
Endpoint triage focuses on prioritizing the host. How bad is it?
www.cybertriage.com/blog/alert-t...
As we talk to corporate security teams about how they respond to incidents and EDR alerts, we find it useful to highlight the Endpoint Triage step in
