0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Practical Threat Detection Engineering

You're reading from Practical Threat Detection Engineering A hands-on guide to planning, developing, and validating detection capabilities

Product type Paperback

Published in Jul 2023

Publisher Packt

ISBN-13 9781801076715

Length 328 pages

Edition 1st Edition

Tools

ExpressionEngine

Concepts

Threat Hunting

Authors (3):

Megan Roddie

Jason Deyalsingh

Gary J. Katz

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Introduction to Detection Engineering

2. Chapter 1: Fundamentals of Detection Engineering FREE CHAPTER

3. Chapter 2: The Detection Engineering Life Cycle

4. Chapter 3: Building a Detection Engineering Test Lab

5. Part 2: Detection Creation

6. Chapter 4: Detection Data Sources

7. Chapter 5: Investigating Detection Requirements

8. Chapter 6: Developing Detections Using Indicators of Compromise

9. Chapter 7: Developing Detections Using Behavioral Indicators

10. Chapter 8: Documentation and Detection Pipelines

11. Part 3: Detection Validation

12. Chapter 9: Detection Validation

13. Chapter 10: Leveraging Threat Intelligence

14. Part 4: Metrics and Management

15. Chapter 11: Performance Management

16. Part 5: Detection Engineering as a Career

17. Chapter 12: Career Guidance for Detection Engineers

18. Index

Why subscribe?

19. Other Books You May Enjoy

Measuring the effectiveness of a detection engineering program

While efficiency is a measure of productiveness, effectiveness is a measure of success. How well is the detection engineering team actually helping to achieve the SOC’s goals, which should have a direct correlation to the value the organization provides? Quantifying the value of a cyber security program is always difficult. The cost of a cyber-attack cannot be quantified until after it has occurred and the damage has been assessed. It is therefore difficult to quantify how much stopping an attack has saved the organization. Should the value of a cyber security organization be judged based on the number of attacks performed by adversaries? Should an attack attempt to steal a random user’s credit card number be counted the same as an advanced adversary attempting to steal the company’s intellectual property or hold it for ransom? Stopping thousands of indiscriminate phishing attacks may not matter as...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (3)

Megan Roddie

Megan Roddie

Megan Roddie is an experienced information security professional with a diverse background ranging from incident response to threat intelligence to her current role as a detection engineer. Additionally, Megan is a course author and instructor with the SANS Institute where she regularly publishes research on cloud incident response and forensics. Outside of the cyber security industry, Megan trains and competes as a high-level amateur Muay Thai fighter in Austin, TX.

See other products by Megan Roddie

Gary J. Katz

Gary J. Katz

Gary J. Katz is still trying to figure out what to do with his life while contemplating what its purpose really is. While not spiraling into this metaphysical black hole compounded by the plagues and insanity of this world, he sometimes thinks about cyber security problems and writes them down. These ruminations are, on occasion, captured in articles and books.

See other products by Gary J. Katz

Jason Deyalsingh

Jason Deyalsingh

Jason Deyalsingh is an experienced consultant with over nine years of experience in the cyber security space. He has spent the last 5 years focused on digital forensics and incident response (DFIR). His current hobbies include playing with data and failing to learn Rust.

See other products by Jason Deyalsingh

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m