Building a Security Data Strategy Requires Purpose
Everything you do from a security operations center (SOC) perspective should have a purpose. This includes the data you collect, which enables the analytics you perform and influences how you respond to detection outputs from the heterogeneous system known as the SOC.
Even as I write this, I’m unsure if you will consider the idea of a rigid data strategy as painfully obvious or a pipe dream. That’s a problem....