| Table of Contents | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
A playbook codifies a security analyst's intelligence on how to analyze the imported data sets. A playbook incorporates the analyst's expertise in a logical process to take multiple inputs and apply data reduction and advanced correlation techniques to generate a single score or ranking as the output for each event. The playbook results in a decision for each event about whether it is acceptable or suspicious.
...