Can Energy SOAR query SIEM for additional information? Sure! We can do it automatically using workflows. SIEM alert enrichment SIEM…
SIEM
You can create a correlation rule in your SIEM to detect a login attempt from different than usual client IP which could mean a breach or a misuse.