testuser
(testuser)
September 20, 2024, 6:40am
1
Any solutions currently on tracking common SOC metrics in IDR?
Such as:
- Severity of investigations over time
- Open to close investigations over time
- MTTD - Mean Time to Detect
- MTTI - Mean Time to Investigation
- MTTR - Mean Time to Respond
- Escalations over time
mrajani
(mrajani)
September 23, 2024, 1:23pm
2
The Security Operations Activity Dashboard ("Monitor Your Security Operations Activities | InsightIDR Documentation") might be useful for some of the metrics.
jclawson1
(jclawson)
September 26, 2024, 5:59pm
3
I’ve been thinking the same thing but haven’t created any custom queries and widgets yet. The built-in security operations dashboard is fairly limited and not customizable.
rlee
(rlee)
September 26, 2024, 9:15pm
4
I asked for the same thing a few months ago. They don’t have it yet. Only way I a third-party ticketing system and do it that way