Practical Threat Detection Engineering - Megan Roddie, Jason Deyalsingh, Gary J. Katz

Practical Threat Detection Engineering

A hands-on guide to planning, developing, and validating detection capabilities
Buch | Softcover
328 Seiten
2023
Packt Publishing Limited (Verlag)
978-1-80107-671-5 (ISBN)
59,80 inkl. MwSt
Go on a journey through the threat detection engineering lifecycle while enriching your skill set and protecting your organization

Key Features

Gain a comprehensive understanding of threat validation
Leverage open-source tools to test security detections
Harness open-source content to supplement detection and testing

Book DescriptionThreat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed.
The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials and projects, this guide will enable you to confidently validate the detections in your security program. This book serves as your guide to building a career in detection engineering, highlighting the essential skills and knowledge vital for detection engineers in today's landscape.
By the end of this book, you’ll have developed the skills necessary to test your security detection program and strengthen your organization’s security measures.What you will learn

Understand the detection engineering process
Build a detection engineering test lab
Learn how to maintain detections as code
Understand how threat intelligence can be used to drive detection development
Prove the effectiveness of detection capabilities to business leadership
Learn how to limit attackers' ability to inflict damage by detecting any malicious activity early

Who this book is forThis book is for security analysts and engineers seeking to improve their organization’s security posture by mastering the detection engineering lifecycle.
To get started with this book, you’ll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.

Megan Roddie is an experienced information security professional with a diverse background ranging from incident response to threat intelligence to her current role as a detection engineer. Additionally, Megan is a course author and instructor with the SANS Institute where she regularly publishes research on cloud incident response and forensics. Outside of the cyber security industry, Megan trains and competes as a high-level amateur Muay Thai fighter in Austin, TX. Jason Deyalsingh is an experienced consultant with over nine years of experience in the cyber security space. He has spent the last 5 years focused on digital forensics and incident response (DFIR). His current hobbies include playing with data and failing to learn Rust. Gary J. Katz is still trying to figure out what to do with his life while contemplating what its purpose really is. While not spiraling into this metaphysical black hole compounded by the plagues and insanity of this world, he sometimes thinks about cyber security problems and writes them down. These ruminations are, on occasion, captured in articles and books.

Table of Contents

Fundamentals of Detection Engineering
The Detection Engineering Life Cycle
Building a Detection Engineering Test Lab
Detection Data Sources
Investigating Detection Requirements
Developing Detections Using Indicators of Compromise
Developing Detections Using Behavioral Indicators
Documentation and Detection Pipelines
Detection Validation
Leveraging Threat Intelligence
Performance Management
Career Guidance for Detection Engineers

Erscheinungsdatum
Verlagsort Birmingham
Sprache englisch
Maße 191 x 235 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
ISBN-10 1-80107-671-5 / 1801076715
ISBN-13 978-1-80107-671-5 / 9781801076715
Zustand Neuware
Informationen gemäß Produktsicherheitsverordnung (GPSR)
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00