Chapter 12: Working with Analytics and Detection Engineering in Incident Response

So far in this book, you have learned about the fundamentals of incident response, the knowledge of the attacker's behaviors using threat intelligence, and the way that you can implement and use different tools to improve the capacity of your organization to respond to attacks.

However, in the critical moments when an incident occurs, it is essential to know what you need to look for and where to get relevant information.

There are multiple sources of information where you can get valuable data about malicious behaviors to define an identification and contention strategy. You can do this by implementing analytics and detection engineering in incident response. ...

Get Incident Response with Threat Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Incident Response with Threat Intelligence by Roberto Martínez

Chapter 12: Working with Analytics and Detection Engineering in Incident Response

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly