This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
It looks like they are not collected in neither SIEM or SOAR by default.
Any
idea?https://cloud.google.com/security-command-center/docs/reference/rest/v2/IssueType
Thanks for the explanation! So, there are several exports configured and
I can't figure out which one goes to SecOps. Any idea how to figure that
out? Because that could point me to the filter that should also contain
finding_class="CHOKEPOINT"
I'm referring to Security Analysts manually closing cases from the UI
when an investigation is concluded and then have a way for the rest of
the team to be notified about that case closure event and how it was
closed (Reason/Root Cause/Closing Commen...
