Blue teams include complex, challenging, and research-intensive disciplines, and the related roles are not filled. In the conversation mentioned above, my friend assumed that defensive roles mainly consist of monitoring SIEM (Security Information and Event Management) systems and other alerting tools, which is correct for SOC (Security Operations Center) analyst roles.
Read full article on The Hacker News