Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Automating Security Detection Engineering

You're reading from   Automating Security Detection Engineering A hands-on guide to implementing Detection as Code

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781837636419
Length 252 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Dennis Chow Dennis Chow
Author Profile Icon Dennis Chow
Dennis Chow
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Part 1: Automating Detection Inputs and Deployments
2. Chapter 1: Detection as Code Architecture and Lifecycle FREE CHAPTER 3. Chapter 2: Scoping and Automating Threat-Informed Defense Inputs 4. Chapter 3: Developing Core CI/CD Pipeline Functions 5. Chapter 4: Leveraging AI for Use Case Development 6. Part 2: Automating Validations within CI/CD Pipelines
7. Chapter 5: Implementing Logical Unit Tests 8. Chapter 6: Creating Integration Tests 9. Chapter 7: Leveraging AI for Testing 10. Part 3: Monitoring Program Effectiveness
11. Chapter 8: Monitoring Detection Health 12. Chapter 9: Measuring Program Efficiency 13. Chapter 10: Operating Patterns by Maturity 14. Index 15. Other Books You May Enjoy

To get the most out of this book

You will need an existing understanding of basic programming or scripting, experience in a security operation or engineering role, and conceptual knowledge of common enterprise security tools and their purpose. While a background in detection engineering is useful, it is not a requirement to fully implement and achieve the objectives of this book.

Software/hardware covered in the book

Operating system requirements

A computer capable of running an Ubuntu-based VM concurrently, with a recommended 8 CPU cores and 16 GB of memory for the host machine

Compatible Intel x86-64 Windows 10+, macOS 13+, or Ubuntu Desktop LTS 22.04+

Amazon Web Services (AWS)

Atlassian Jira Cloud

Cloud Custodian

Cloudflare WAF

CodeRabbit AI

CrowdStrike Falcon EDR

Datadog Cloud SIEM

Git CLI

GitHub

Google Chronicle

Google Colab

Hashicorp Terraform

Microsoft VS Code

PFSense Community Edition

Poe.com AI

Python 3.9+

SOC Prime Uncoder AI

Splunk Enterprise

Tines.com Cloud SOAR

Trend Micro Cloud One

Ubuntu Desktop LTS 22.04+

Wazuh Server and EDR

Before we begin with Chapter 1, you will need to set up and install the Ubuntu Desktop LTS version on a VM that you will run on a compatible compute resource. Follow the latest instructions on the Ubuntu website for your host operating system. It is also advised to download a copy of each chapter’s contents from https://github.com/PacktPublishing/Automating-Security-Detection-Engineering as you progress through the book. Each chapter will have a series of lab reference files for you to explore, modify, or use as a full solution. Refer to the lab instructions in each chapter for more details.

We also recommend not signing up for the free trials of the software vendors until you have reached a chapter that requires you to do so. This will allow you to have an extended amount of time pursuing the lab work as you progress through this book.

Finally, since all code at the time of writing is a point in time, if you are having trouble with the latest versions, we suggest importing the Python pip requirements.txt file from the repository, based on the pinned versions.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at AU $24.99/month. Cancel anytime