Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Practical Threat Detection Engineering
  • Table Of Contents Toc
  • Feedback & Rating feedback
Practical Threat Detection Engineering

Practical Threat Detection Engineering

By : Megan Roddie, Jason Deyalsingh, Gary J. Katz
4.7 (21)
close
close
Practical Threat Detection Engineering

Practical Threat Detection Engineering

4.7 (21)
By: Megan Roddie, Jason Deyalsingh, Gary J. Katz

Overview of this book

Threat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed. The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials and projects, this guide will enable you to confidently validate the detections in your security program. This book serves as your guide to building a career in detection engineering, highlighting the essential skills and knowledge vital for detection engineers in today's landscape. By the end of this book, you’ll have developed the skills necessary to test your security detection program and strengthen your organization’s security measures.
Table of Contents (20 chapters)
close
close
1
Part 1: Introduction to Detection Engineering
5
Part 2: Detection Creation
11
Part 3: Detection Validation
14
Part 4: Metrics and Management
16
Part 5: Detection Engineering as a Career

Summary

This chapter continued from the previous chapter in introducing the practical implementation of the first phases of the detection engineering life cycle, following the identification of detection requirements, this time focused on behavior-based detections. We discussed how to take a detection requirement associated with a tool or TTP and perform research into how the requirement can be met.

After performing research into each requirement, we performed hands-on exercises to show how the information gathered can be used to implement detections in your lab environment, including performing additional logging configurations to capture the events needed.

Now that we’ve seen how the detection engineering life cycle can get you from a detection requirement to an implemented detection, Chapter 8 will look at how we can document detections in a way that will allow for easier tracking and organization. Additionally, we will discuss how detection pipelines and detection...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY