0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Automating Security Detection Engineering

You're reading from Automating Security Detection Engineering A hands-on guide to implementing Detection as Code

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781837636419

Length 252 pages

Edition 1st Edition

Languages

Python

Tools

GitHub

Concepts

Cybersecurity

Author (1):

Dennis Chow

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1: Automating Detection Inputs and Deployments

2. Chapter 1: Detection as Code Architecture and Lifecycle FREE CHAPTER

3. Chapter 2: Scoping and Automating Threat-Informed Defense Inputs

4. Chapter 3: Developing Core CI/CD Pipeline Functions

5. Chapter 4: Leveraging AI for Use Case Development

6. Part 2: Automating Validations within CI/CD Pipelines

7. Chapter 5: Implementing Logical Unit Tests

8. Chapter 6: Creating Integration Tests

9. Chapter 7: Leveraging AI for Testing

10. Part 3: Monitoring Program Effectiveness

11. Chapter 8: Monitoring Detection Health

12. Chapter 9: Measuring Program Efficiency

13. Chapter 10: Operating Patterns by Maturity

14. Index

Why subscribe?

15. Other Books You May Enjoy

Identifying telemetry sources

Before monitoring our use cases, we need to locate appropriate sources to pull telemetry data from to make informed decisions on normal operations. What comes to mind for many detection engineers is capturing the immediate runtime data from the SIEM. Using the SIEM is definitely a major source for understanding alert frequency, runtime schedules, and disposition status.

Outside of the SIEM runtime, there are other opportunities to monitor detection life cycle health as well. Take the following examples:

GitHub operations: On GitHub, the number of merge failures, issues, and warnings for each repo or detection set, including the number of times a detection has to be revised in a given week for tuning.
Threat-based relevancy: Adding additional detections comes with a computational overhead. Depending on the organization, you can continuously reference threat intelligence reporting at the TTP level for deciding which detections to leverage...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Dennis Chow

Dennis Chow

Dennis Chow is an experienced security engineer and manager who has led global security teams in Fortune 500 industries with over 14 years of experience. Dennis started from an IT and security analyst background, working upwards to engineering, architecture, and consultancy in blue- and red-team-focused roles. In 2015, the US Department of Health and Human Services awarded Dennis a grant to standardize cyber threat intelligence sharing for the entire US healthcare vertical. In that time, Dennis achieved over 30 certifications and became GIAC Security Expert #288. During his time at Amazon Web Services (AWS), Dennis worked as a professional services consultant, focusing on security transformation for detection-focused automation.

See other products by Dennis Chow

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m