Hey there,
First, I love the product.
I've seen a lot of incidents detected by Sensor and I'd like to think that it is doing good work.
But it is very difficult to investigate the reported incidents and I'd like to know if you guys have any tips to make that specific task effective.
Lately, I've got a lot of (i360-wallarm - web-shell access) incidents reported but very little detail about the events.
Should I increase the verbosity of the log details? Is it worth it or another false positive?
Talking about false positives, it is becoming a time-consuming overhead to manage and the overall effort doesn't seem to be worth it. Any tips to make it better?
Regards,