Table of Contents
Preface
Part 1: Introduction to Detection Engineering
1
Fundamentals of Detection Engineering
Foundational concepts
The Unified Kill Chain
The MITRE ATT&CK framework
The Pyramid of Pain
Types of cyberattacks
The motivation for detection engineering
Defining detection engineering
Important distinctions
The value of a detection engineering program
The need for better detection
The qualities of good detection
The benefits of a detection engineering program
A guide to using this book
The book's structure
Practical exercises
Summary
2
The Detection Engineering Life Cycle
Phase 1 – Requirements Discovery
Characteristics of a complete detection requirement
Detection requirement sources
Exercise – understanding your organization’s ...
Get Practical Threat Detection Engineering now with the O’Reilly learning platform.