QFSO Find Similar Offenses
Schedule a call
QFSO Find Similar Offenses for IBM Security QRadar SIEM is an extension that adds a new button on the offense details page. By clicking this button, users get a list of all offenses generated by the same rule. If multiple rules contribute to the offense, users will be asked to select a specific rule. This application is useful for speeding up offense investigations and tuning rules.
QRadar Native Alternatives
There is no such native functionality in QRadar. Analysts have to manually search for similar offenses.
License
Open Source / Apache 2.
IBM App Exchange
Available as a complimentary app within a commercial tool purchase.