9

Detection Validation

Cyber security defenses are designed to protect a company’s information assets. This amalgamation of trained personnel, specialized technology, and underlying processes can be designed based on security best practices, threat modeling outputs, technical knowledge, available threat intelligence, and expert judgment. Once these controls are implemented, we need assurance that they work as expected under realistic conditions. Cyber security validation aims to create these conditions, that is, to reproduce the techniques, tactics, and procedures used by threat actors, in order to measure the effectiveness of defensive controls.

Cyber security validation has the goal of producing tangible measurements of how well a security program is performing. For detection ...
