List of Contributions

I'm with you. Just, please don't call them "KPI's". It's commonly misused in Security and only relevant to ITOps. It should rather be called Key Risk Indicators - KRI's or Security Risk Indicators. According to Risk IT framework by ISACA. Regards, Dietger ------------------------------ Dietger ...

Offense data is stored within a PostgreSQL database on the QRadar appliances. Not within the file system data base called ARIEL which is used for storing received data. However, it's not officially support to access PostgreSQL directly but technically possible. The official recommended and support access ...

Lance, when Offenses don't get any attention in a timely manner, they're not relevant at all and they need to get rid of them. A Saved Search and/or a Report might be more fitting for such Use Cases. I faced many clients which outsourced their SOC responsibilities. Here it all depends on negotiated ...