Rules and how they work
Does anyone know if Google has a list of the rules which are available in Chronicle Security and which log sources they are based on?
Comments
Not that I know of
We use SOC Prime as one source for our rule content. We had QRadar previously, so we recreated the rules that were getting hits. Other sources we use are purple teaming, our intel group and SOC findings. SOC Prime is a great way to stay ahead of things though.