SOC Experts Community - Beta
in Use Cases by (5k points)

1 Answer

by (5.9k points)
Usually, logs are the records of all the actions that are performed on the system. Based on those logs, we write rules/correlations to build alerts. Alerts would be false positives or true incidents, but not the logs, as far as my knowledge is concerned.
