Forum Discussion
New to SIEM - not sure what to do with new case
I setup my SIEM with Data Connector to MS Security Events and then installed "Failed Login Attempts within 10 minutes" alert. Then I triggered this alert which resulted in a Case. Now what? I can...
You can look at the "Hunting with Jupyter Notebooks" articles published here to give you an idea of how to use Notebooks to perform a more in-depth analysis