Question 176
Main Page
What’s a challenge with overly broad alert rules in a SIEM?
A. Reduced log storage
B. Elimination of escalation
C. Alert fatigue and missed real threats
D. Faster analyst response times
Show Answer