
What Anton Chuvakin is Saying About SOC Threat Coverage

Anton Chuvakin, SIEM expert and former Gartner analyst (now at Google Chronicle), has written a thought-provoking blog post titled “SOC Threat Coverage Analysis — Why/How?”.

In the post, he discusses:

  • Why the detection coverage gap is so large at many organizations (broken log collectors, missing rules, etc.)
  • Why mapping to MITRE ATT&CK alone is insufficient to fully operationalize it in your SOC
  • How to systematically improve threat coverage in your SOC
