The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which option best should the organization utilize to best centralize the workload for the internal security team? (Select two).
SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) are solutions that can help centralize the workload for the internal security team by collecting, correlating, and analyzing alerts from different sources, such as EDR. SOAR can also automate and streamline incident response workflows, while SIEM can provide dashboards and reports for security monitoring and compliance. Reference: What is EDR? Endpoint Detection & Response, How Does the Cyber Kill Chain Protect Against Attacks?; What is EDR Solution?, EDR solutions secure diverse endpoints through central monitoring
Emilio
1 day agoReena
7 days agoMireya
12 days agoGilma
17 days agoSalena
22 days agoVi
27 days agoShad
2 months agoTamra
2 months agoBulah
2 months agoClay
2 months agoLai
2 months agoKathrine
3 months agoGerald
3 months ago