Rules and how they work

Does anyone know if Google has a list of the rules that are available in Chronicle Security and which log sources they are based on?



  • Not that I know of

    We use SOC Prime as one source for our rule content. We had QRadar previously, so we recreated the rules that were getting hits. Other sources we use are purple teaming, our intel group and SOC findings. SOC Prime is a great way to stay ahead of things though.

