0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Automating Security Detection Engineering

You're reading from Automating Security Detection Engineering A hands-on guide to implementing Detection as Code

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781837636419

Length 252 pages

Edition 1st Edition

Languages

Python

Tools

GitHub

Concepts

Cybersecurity

Author (1):

Dennis Chow

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1: Automating Detection Inputs and Deployments

2. Chapter 1: Detection as Code Architecture and Lifecycle FREE CHAPTER

3. Chapter 2: Scoping and Automating Threat-Informed Defense Inputs

4. Chapter 3: Developing Core CI/CD Pipeline Functions

5. Chapter 4: Leveraging AI for Use Case Development

6. Part 2: Automating Validations within CI/CD Pipelines

7. Chapter 5: Implementing Logical Unit Tests

8. Chapter 6: Creating Integration Tests

9. Chapter 7: Leveraging AI for Testing

10. Part 3: Monitoring Program Effectiveness

11. Chapter 8: Monitoring Detection Health

12. Chapter 9: Measuring Program Efficiency

13. Chapter 10: Operating Patterns by Maturity

14. Index

Why subscribe?

15. Other Books You May Enjoy

Measuring use case performance

Throughout this book, we’ve deployed custom detections for multiple security technology stacks, including CSPM, EDR, NIDS, SIEMs, and RASPs. Different technologies in detection telemetry can generally be broken down into two categories: upstream of the SIEM and downstream at the SIEM.

There are a few key pieces of information that we need to capture to properly monitor our deployed use cases regardless of type:

How often the detection has fired recently
Runtime duration and load on security tooling
SOC analyst’s analysis disposition of our alerts

While use case performance can also be affected by external factors, such as system resource capacity or event or log ingestion changes, we can generally expect recent use cases to work for a finite amount of time. If our underlying platforms are not in a healthy state, that should be corrected first before attempting to capture metrics for unit-level detections.

...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Dennis Chow

Dennis Chow

Dennis Chow is an experienced security engineer and manager who has led global security teams in Fortune 500 industries with over 14 years of experience. Dennis started from an IT and security analyst background, working upwards to engineering, architecture, and consultancy in blue- and red-team-focused roles. In 2015, the US Department of Health and Human Services awarded Dennis a grant to standardize cyber threat intelligence sharing for the entire US healthcare vertical. In that time, Dennis achieved over 30 certifications and became GIAC Security Expert #288. During his time at Amazon Web Services (AWS), Dennis worked as a professional services consultant, focusing on security transformation for detection-focused automation.

See other products by Dennis Chow

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m