Leveraging Threat Intelligence

When discussing detection requirement sources in Chapter 2, we introduced the topic of threat intelligence as it relates to detection engineering. In this chapter, we will take a deeper dive into the topic and, specifically, the role it plays within detection engineering. First, we’ll provide a very brief overview of the types of threat intelligence we will be looking at. After that introduction, we’ll focus on its role in the Requirements Discovery, Triage, and Investigate phases of the detection engineering life cycle. The final topic in this chapter is threat assessments and how they can be used as a source of detection requirements. These concepts will be illustrated through the use of ...

Get Practical Threat Detection Engineering now with the O’Reilly learning platform.
