Get to grips with the detection engineering lifecycle and transform internal and external threat intelligence into relevant detection controls to protect your organization
Purchase of the print or Kindle book includes a free PDF eBook
Key Features:
- Gain a comprehensive understanding of threat validation
- Leverage open source tools to test security detections
- Harness open source content to supplement detection and testing
Book Description:
Threat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed.
The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials, projects, and self-assessment questions, this guide will enable you to confidently validate the detections in your security program.
By the end of this book, you'll have developed the skills necessary to test your security detection program and strengthen your organization's security measures.
What You Will Learn:
- Become well versed in the detection engineering process
- Build a detection engineering test lab
- Discover how to maintain detections as code
- Find out how threat intelligence can be used to drive detection development
- Demonstrate the effectiveness of detection capabilities to business leadership
- Limit the attackers' ability to inflict damage by detecting malicious activity early
Who this book is for:
This book is for security analysts and engineers seeking to improve their organization's security posture by mastering the detection engineering lifecycle.
To get started with this book, you'll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.