-
|
Hi! Great that I can edit exclusions now directly in SOC 2.4, but have you ever thought about a single action in SOC to create an exclusion based on an existing alert (in the left click context menu of an alert)? That would be so AWESOME! Something like a small pop up where a user can decide if her/she wants to disable the alert rule completly or just suppress is it for specific source and/or destination IP's would be a good start. Cheers, Ben |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Stay tuned for 2.4.70 https://www.youtube.com/watch?v=oxR4q53N6OI ! |
Beta Was this translation helpful? Give feedback.
-
|
Security Onion 2.4.70 now available including our new Detections interface and much more!
|
Beta Was this translation helpful? Give feedback.
Security Onion 2.4.70 now available including our new Detections interface and much more!
https://blog.securityonion.net/2024/05/security-onion-2470-now-available.html