Part 1: Automating Detection Inputs and Deployments
In this part, you will review the technical- and program-level components for implementing a detection as code program. In addition, you will scope and automate the implementation of IOCs using threat intelligence. After that, you will develop code to implement pipelines that rapidly deploy custom detections to enterprise security tools. Finally, you will leverage AI to automatically generate use cases.
This part has the following chapters:
- Chapter 1, Detection as Code Architecture and Lifecycle
- Chapter 2, Scoping and Automating Threat-Informed Defense Inputs
- Chapter 3, Developing Core CI/CD Pipeline Functions
- Chapter 4, Leveraging AI for Use Case Development