Muutke küpsiste eelistusi

Practical Threat Detection Engineering: A hands-on guide to planning, developing, and validating detection capabilities [Pehme köide]

4.12/5 (17 hinnangut Goodreads-ist)
, ,
  • Formaat: Paperback / softback, 328 pages, kõrgus x laius: 235x191 mm
  • Ilmumisaeg: 21-Jul-2023
  • Kirjastus: Packt Publishing Limited
  • ISBN-10: 1801076715
  • ISBN-13: 9781801076715
Teised raamatud teemal:
Practical Threat Detection Engineering: A hands-on guide to planning, developing, and validating detection capabilitiesSuurem pilt
  • Formaat: Paperback / softback, 328 pages, kõrgus x laius: 235x191 mm
  • Ilmumisaeg: 21-Jul-2023
  • Kirjastus: Packt Publishing Limited
  • ISBN-10: 1801076715
  • ISBN-13: 9781801076715
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781801076715.html
Märksõnad:
Learn to build, test, and optimize high-fidelity security detections with hands-on labs, real-world scenarios, and industry frameworks like MITRE ATT&CK to master detection engineering and boost your career.

Key Features

Master the core principles of detection engineering, from development to validation Follow practical tutorials and real-world examples to build and test detections effectively Boost your career using cutting-edge, open-source tools and community-driven content

Book DescriptionThreat validation is the backbone of every strong security detection strategyit ensures your detection pipeline is effective, reliable, and resilient against real-world threats. This comprehensive guide is designed for those new to detection validation, offering clear, actionable frameworks to help you assess, test, and refine your security detections with confidence. Covering the entire detection lifecycle, from development to validation, this book provides real-world examples, hands-on tutorials, and practical projects to solidify your skills. Beyond just technical know-how, this book empowers you to build a career in detection engineering, equipping you with the essential expertise to thrive in todays cybersecurity landscape. By the end of this book, you'll have the tools and knowledge to fortify your organizations defenses, enhance detection accuracy, and stay ahead of cyber threats. What you will learn

Boost your career as a detection engineer Use industry tools to test and refine your security detections Create effective detections to catch sophisticated threats. Build a detection engineering test lab Make the most of the detection engineering life cycle Harness threat intelligence for detection with open-source intelligence and assessments Understand the principles and concepts that form the foundation of detection engineering Identify critical data sources and overcome integration challenges

Who this book is forThis book is for SOC analysts, threat hunters, security engineers, and cybersecurity professionals looking to master detection engineering. Ideal for those seeking to build, test, and optimize high-fidelity security detections.
Table of Contents

Fundamentals of Detection Engineering
The Detection Engineering Life Cycle
Building a Detection Engineering Test Lab
Detection Data Sources
Investigating Detection Requirements
Developing Detections Using Indicators of Compromise
Developing Detections Using Behavioral Indicators
Documentation and Detection Pipelines
Detection Validation
Leveraging Threat Intelligence
Performance Management
Career Guidance for Detection Engineers
Megan Roddie is an experienced information security professional with a diverse background ranging from incident response to threat intelligence to her current role as a detection engineer. Additionally, Megan is a course author and instructor with the SANS Institute where she regularly publishes research on cloud incident response and forensics. Outside of the cyber security industry, Megan trains and competes as a high-level amateur Muay Thai fighter in Austin, TX. Jason Deyalsingh is an experienced consultant with over nine years of experience in the cyber security space. He has spent the last 5 years focused on digital forensics and incident response (DFIR). His current hobbies include playing with data and failing to learn Rust. Gary J. Katz is still trying to figure out what to do with his life while contemplating what its purpose really is. While not spiraling into this metaphysical black hole compounded by the plagues and insanity of this world, he sometimes thinks about cyber security problems and writes them down. These ruminations are, on occasion, captured in articles and books.