0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Practical Threat Detection Engineering

You're reading from Practical Threat Detection Engineering A hands-on guide to planning, developing, and validating detection capabilities

Product type Paperback

Published in Jul 2023

Publisher Packt

ISBN-13 9781801076715

Length 328 pages

Edition 1st Edition

Tools

ExpressionEngine

Concepts

Threat Hunting

Authors (3):

Megan Roddie

Jason Deyalsingh

Gary J. Katz

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Introduction to Detection Engineering

2. Chapter 1: Fundamentals of Detection Engineering FREE CHAPTER

3. Chapter 2: The Detection Engineering Life Cycle

4. Chapter 3: Building a Detection Engineering Test Lab

5. Part 2: Detection Creation

6. Chapter 4: Detection Data Sources

7. Chapter 5: Investigating Detection Requirements

8. Chapter 6: Developing Detections Using Indicators of Compromise

9. Chapter 7: Developing Detections Using Behavioral Indicators

10. Chapter 8: Documentation and Detection Pipelines

11. Part 3: Detection Validation

12. Chapter 9: Detection Validation

13. Chapter 10: Leveraging Threat Intelligence

14. Part 4: Metrics and Management

15. Chapter 11: Performance Management

16. Part 5: Detection Engineering as a Career

17. Chapter 12: Career Guidance for Detection Engineers

18. Index

Why subscribe?

19. Other Books You May Enjoy

Index

As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.

A

abstraction map 268, 269

access, authentication, and authorization logs 80

actionability, of detection 18

Active Exploits score 107, 108

ad hoc tests 38

adversary activity simulation 203

Atomic Red Team 203, 204

CALDERA 204, 205

adversary tools detection 141

PsExec usage, example scenarios 141

alert determinations 260

antivirus (AV) 81

Apache logs 90

Atomic Red Team 203

additional exercises 212

CALDERA agent, deploying 213, 214

detections for multiple technique, validating 212

detections for single technique, validating 205

detections, reviewing in Elastic Stack 217-219

operation, starting 214-217

reference link 204

setup, for validating detection 205-208

validation, executing via 209-212

ATT&CK Navigator

reference link...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (3)

Megan Roddie

Megan Roddie

Megan Roddie is an experienced information security professional with a diverse background ranging from incident response to threat intelligence to her current role as a detection engineer. Additionally, Megan is a course author and instructor with the SANS Institute where she regularly publishes research on cloud incident response and forensics. Outside of the cyber security industry, Megan trains and competes as a high-level amateur Muay Thai fighter in Austin, TX.

See other products by Megan Roddie

Gary J. Katz

Gary J. Katz

Gary J. Katz is still trying to figure out what to do with his life while contemplating what its purpose really is. While not spiraling into this metaphysical black hole compounded by the plagues and insanity of this world, he sometimes thinks about cyber security problems and writes them down. These ruminations are, on occasion, captured in articles and books.

See other products by Gary J. Katz

Jason Deyalsingh

Jason Deyalsingh

Jason Deyalsingh is an experienced consultant with over nine years of experience in the cyber security space. He has spent the last 5 years focused on digital forensics and incident response (DFIR). His current hobbies include playing with data and failing to learn Rust.

See other products by Jason Deyalsingh

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m