Hi buddy / mates
In recent times cybersecurity companies are recruiting people with domain and skills in writing rules for SIEMs, IDS, IPS and others. The writing of these rules, on the one hand, helps to avoid false positives, good reading of log messages to better understand events on the network and, on the other hand, to comply with corporate internal policies.
To further emphasize, I believe it is a new skill for Cyber Security Analysts (Blue Team).
I believe that CompTIA could focus on this in their certifications such as: A+, Net+, Sec+, CySA+, Data+.
Are there any sources of information, training or guides that would help an analyst to have the skill to write rules on security devices?