
Is This Just How Blue Teams Work or Is This a Red Flag Environment?
Tags: Cybersecurity, SOC, Detection Logic, Hash Reputation, EDR, Automation, Curiosity Culture
This content is an AI-generated summary. If you encounter any misinformation or problematic content, please report it to cyb.hub@proton.me.
A junior cybersecurity analyst is questioning the maturity of their SOC team, citing several practices that look problematic to them: poorly tuned detection logic, heavy reliance on public hash reputation rather than behavioural indicators, weak EDR and case management, an odd detection philosophy, little engineering or automation, and no real culture of curiosity. They ask whether this kind of environment is common and how to avoid ending up in one again.
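One of the complaints above, over-reliance on public hash reputation, is easy to demonstrate. The following Python example is added here and is not part of the original post; the "known bad" file body, the reputation list and the content indicators are all constructed for illustration, not real malware or real feed data. It shows that a single appended byte defeats an exact-hash lookup while a check on content that the sample needs to keep (a hard-coded domain, a telltale string) still fires.

```python
import hashlib

# Constructed sample "malware" body and the public reputation feed entry
# that would cover it (both invented for this example).
KNOWN_BAD = b"MZ\x90\x00fake-dropper: beacon evil.example; run-in-memory"
REPUTATION_LIST = {hashlib.sha256(KNOWN_BAD).hexdigest()}

# Constructed content indicators that survive padding or recompilation
# as long as the sample keeps its C2 domain and its loader string.
CONTENT_INDICATORS = (b"evil.example", b"run-in-memory")


def hash_reputation_verdict(data: bytes) -> bool:
    """Hash-reputation check: flags only a byte-for-byte identical file."""
    return hashlib.sha256(data).hexdigest() in REPUTATION_LIST


def content_verdict(data: bytes) -> bool:
    """Content-indicator check: flags any variant that keeps an indicator."""
    return any(indicator in data for indicator in CONTENT_INDICATORS)


def make_variant(data: bytes) -> bytes:
    """Cheapest possible evasion: append one padding byte, changing the hash."""
    return data + b"\x00"


def compare(data: bytes) -> dict:
    """Return both verdicts so the two approaches can be compared side by side."""
    return {"hash": hash_reputation_verdict(data), "content": content_verdict(data)}


if __name__ == "__main__":
    print("original:", compare(KNOWN_BAD))              # both True
    print("padded:  ", compare(make_variant(KNOWN_BAD)))  # hash False, content True
```

The point for the SOC in question is not that hash lookups are useless (they are cheap and have near-zero false positives) but that they only ever catch the exact sample someone else already submitted; a detection programme that stops there misses every trivially repacked variant.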