
Is there a community set of (Stellar) rules available that is suitable for most information systems?


The hard work with a SIEM is building a ruleset covering enterprise risks and essential goods. MSSPs usually propose a "standard" ruleset whose applicability shall be asserted and whose rules are then tuned. In addition, they perform field interviews to identify one's risks and essential goods and their criticality in terms of Confidentiality, Integrity, Availability, and Traceability, in order to build use cases and, finally, specific rules.

Is there a community standard ruleset (Stellar) somewhere, other than these three examples?