ProTip for SIEM: How to Implement SIEM Content Packs

Version 1

    With the release of ESM 9.5.0, you can download and implement Content Packs, which are created and distributed by Intel Security.

    Content Packs allow you to easily select, download, and deploy critical SIEM configuration settings focused on monitoring use cases such as insider threat, data leakage, email content, firewall, malicious activity, malware, policy, reconnaissance, suspicious activity, web filtering, and authentication. These Content Packs are pre-configured to offer users fast access to advanced threat or compliance management capabilities.

    For more information on Content Packs and how to implement them, see KB83783.