This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Two Part Series Blog: Detecting Impossible Travel

Posted on 08-09-2024 07:11 AM
matthewnichols
Staff
Reply posted on --/--/---- --:-- AM

Hey SecOps SIEM enthusiasts. We just published a part 1 of two part series blog about detecting impossible travel using SecOps SIEM. It dives into implementing detection methods using custom YARA-L Detection rule, leveraging GeoSpatial and GeoIP enrichment. Check it out here.

Part 2 SecOps SOAR coming next week.

2 1 237
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
matthewnichols
Staff
Reply posted on --/--/---- --:-- AM

If you haven't seen it already, we just released the Part 2 blog in this series, where we take the next step and focus on building an associated SecOps SOAR Playbook to provide security analysts with an actionable alert. Check it out here

Top Solution Authors
View all