5 min read
The Riddler is one of Batman’s enduring enemies who takes delight in incorporating riddles and puzzles into his criminal plots—often leaving them as clues for the authorities and Batman to solve.
Question: When is a door, not a door?
Answer: When it’s ajar.
So riddle me this, Batman: When is an alert not an alert?
Users of the EventTracker platform know that one of its primary functions is to apply built-in knowledge to reduce the flood of all security/log data to a much smaller stream of prioritized alerts. However, in most cases, without applying local context, this is still too noisy. Netsurion provides a risk score that is computed based on the asset value and the Common Vunlerability Scoring System rank of the source.
This allows us to separate “alerts” into different priority levels. The broad categories are:
And so, there are alerts and then there are actionable and prioritized alerts. Over-reacting to awareness or compliance alerts will drain your energy and eventually sap your enthusiasm, not to mention cost you in real terms. Under-reacting to actionable alerts will also hurt you by inaction that could reduce attacker dwell time and minimize the damage of ransomware or a data breach.
Can your detection and response tool differentiate between actionable and awareness alerts?
Netsurion's Managed Threat Protection solution can. Find out more.
Download the Whitepaper
10 min read
5 min read
7 min read