A SIEM is used to detect security incidents in real time while organizing and managing your security logs in one place. Untuned SIEM environments can have you drowning in data. SIEM tuning makes the adjustments necessary to eliminate false positives and reduce noise so that you are alerted only on the important events that happen in your environment.
Note: this post was originally shared on https://squiblydoo.blog/ by a member of the Binary Defense Team. In