Is it possible to take a complex set of data points and distil them down into a set of simple color-coded tags? For several months, Steve and I pondered what made a good tag and how they could be used within our system. Viewing the data we have today, and our platform to do analysis, I think the answer is, without a doubt, yes: we can represent a lot of complexity in a single tag.
2 Posts Tagged as analyst assist
Threat research and incident response can be a lot like diving into a rabbit hole; some days it’s easy to start with one lead and quickly identify ten more that each take up hours of research time. The constantly evolving landscape forces analysts to bounce from one intrusion to the next, digging in deep for several weeks or sometimes just a few hours, then moving on to the next fire in an attempt to