Practical Threat Detection Engineering A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities

Book Cover
Average Rating
Author
Roddie, Megan.
Published
Birmingham : Packt Publishing, Limited, 2023.
Status
Available Online

Description

Go on a journey through the threat detection engineering lifecycle while enriching your skill set and protecting your organization Key Features Gain a comprehensive understanding of threat validation Leverage open source tools to test security detections Harness open source content to supplement detection and testing Book Description Threat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed. The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials, projects, and self-assessment questions, this guide will enable you to confidently validate the detections in your security program. By the end of this book, you'll have developed the skills necessary to test your security detection program and strengthen your organization's security measures. What you will learn Understand the detection engineering process Build a detection engineering test lab Learn how to maintain detections as code Understand how threat intelligence can be used to drive detection development Prove the effectiveness of detection capabilities to business leadership Learn how to limit attackers' ability to inflict damage by detecting any malicious activity early Who this book is for This book is for security analysts and engineers seeking to improve their organization's security posture by mastering the detection engineering lifecycle. To get started with this book, you'll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.

More Details

Format
Edition
1st edition.
Language
English
ISBN
9781801073646, 1801073643

Notes

General Note
Description based upon print version of record.
Description
Go on a journey through the threat detection engineering lifecycle while enriching your skill set and protecting your organization Key Features Gain a comprehensive understanding of threat validation Leverage open source tools to test security detections Harness open source content to supplement detection and testing Book Description Threat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed. The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials, projects, and self-assessment questions, this guide will enable you to confidently validate the detections in your security program. By the end of this book, you'll have developed the skills necessary to test your security detection program and strengthen your organization's security measures. What you will learn Understand the detection engineering process Build a detection engineering test lab Learn how to maintain detections as code Understand how threat intelligence can be used to drive detection development Prove the effectiveness of detection capabilities to business leadership Learn how to limit attackers' ability to inflict damage by detecting any malicious activity early Who this book is for This book is for security analysts and engineers seeking to improve their organization's security posture by mastering the detection engineering lifecycle. To get started with this book, you'll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.
Local note
O'Reilly O'Reilly Online Learning: Academic/Public Library Edition

Discover More

Also in this Series

Checking series information...

More Like This

  • Finding ghosts in your data: anomaly detection techniques with examples in Python Cover
  • Beginning anomaly detection using Python-based deep learning: implement anomaly detection applications with Keras and PyTorch Cover
  • Deep learning and XAI techniques for anomaly detection: integrating the theory and practice of deep anomaly explainability Cover
  • Beginning anomaly detection using Python-based deep learning: with Keras and PyTorch Cover
  • Cyber resiliency solution for IBM Spectrum Scale Cover
  • Azure Security for critical workloads: implementing modern security controls for authentication, authorization and auditing Cover
  • AI, machine learning and deep learning: a security perspective Cover
  • IBM Hyper protect platform: applying data protection and confidentiality in a hybrid cloud environment Cover
  • IT auditing: using controls to protect information assets Cover
  • Aligning security operations with the MITRE ATT&CK framework: level up your security operations center for better security Cover
  • How to hack like a legend: Breaking windows Cover
  • Cybersecurity attacks: Red Team strategies : a practical guide to building a penetration testing program having homefield advantage Cover
  • Bug bounty hunting for web security: find and exploit vulnerabilities in web sites and applications Cover
  • Post-incident reviews: learning from failure for improved incident response Cover
  • Practical cyber forensics: an incident-based approach to forensic investigations Cover
  • Privileged attack vectors: building effective cyber-defense strategies to protect organizations Cover
  • PCI DSS: a pocket guide Cover
  • Computer and information security handbook Cover
  • Hands-on security in DevOps: ensure continuous security, deployment, and delivery with DevSecOps Cover
  • Container security: fundamental technology concepts that protect containerized applications Cover
  • Information security handbook: enhance your proficiency in information security program development Cover
  • OPNsense Beginner to Professional: Protect Networks and Build Next-Generation Firewalls Easily with OPNsense Cover
  • Fixing an insecure software life cycle: practical techniques for building security into existing software development programs Cover
  • Hands-on bug hunting for penetration testers: a practical guide to help ethical hackers discover web application security flaws Cover
  • Proactive early threat detection and securing Oracle Database with IBM QRadar, IBM Security Guardium Database Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy Cover

Published Reviews

Reviews from GoodReads

Loading GoodReads Reviews.

Citations

APA Citation, 7th Edition (style guide)

Roddie, M., Deyalsingh, J., & Katz, G. J. (2023). Practical Threat Detection Engineering: A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities (1st edition.). Packt Publishing, Limited.

Chicago / Turabian - Author Date Citation, 17th Edition (style guide)

Roddie, Megan, Jason. Deyalsingh and Gary J. Katz. 2023. Practical Threat Detection Engineering: A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities. Birmingham: Packt Publishing, Limited.

Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)

Roddie, Megan, Jason. Deyalsingh and Gary J. Katz. Practical Threat Detection Engineering: A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities Birmingham: Packt Publishing, Limited, 2023.

Harvard Citation (style guide)

Roddie, M., Deyalsingh, J. and Katz, G. J. (2023). Practical threat detection engineering: a hands-on guide to planning, developing, and validating detection capabilities. 1st edn. Birmingham: Packt Publishing, Limited.

MLA Citation, 9th Edition (style guide)

Roddie, Megan., Jason Deyalsingh, and Gary J Katz. Practical Threat Detection Engineering: A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities 1st edition., Packt Publishing, Limited, 2023.

Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.

Staff View

Grouped Work ID
fef02d58-fb13-2b4c-bbd2-1ca98fc9c770-eng
Go To Grouped Work View in Staff Client

Grouping Information

Grouped Work IDfef02d58-fb13-2b4c-bbd2-1ca98fc9c770-eng
Full titlepractical threat detection engineering a hands on guide to planning developing and validating detection capabilities
Authorroddie megan
Grouping Categorybook
Last Update2025-01-24 12:33:29PM
Last Indexed2025-05-03 03:41:42AM

Book Cover Information

Image Sourcedefault
First LoadedDec 23, 2024
Last UsedApr 6, 2025

Marc Record

First DetectedDec 16, 2024 11:26:51 PM
Last File Modification TimeDec 17, 2024 08:26:17 AM
SuppressedRecord had no items

MARC Record

LEADER04303cam a22004937a 4500
001on1388493602
003OCoLC
00520241217082337.0
006m     o  d        
007cr cnu||||||||
008230708s2023    enk     o     000 0 eng d
015 |a GBC3C2093|2 bnb
0167 |a 021120958|2 Uk
020 |a 9781801073646
020 |a 1801073643
035 |a (OCoLC)1388493602
037 |a 9781801076715|b O'Reilly Media
037 |a 10251369|b IEEE
040 |a EBLCP|b eng|c EBLCP|d ORMDA|d IEEEE|d OCLCO|d UKMGB|d OCLCF|d OCLCO|d UKAHL
049 |a MAIN
050 4|a TK5105.59
08204|a 005.8|2 23/eng/20230808
1001 |a Roddie, Megan.
24510|a Practical Threat Detection Engineering|h [electronic resource] :|b A Hands-On Guide to Planning, Developing, and Validating Detection Capabilities /|c Megan Roddie, Jason Deyalsingh, Gary J. Katz.
250 |a 1st edition.
260 |a Birmingham :|b Packt Publishing, Limited,|c 2023.
300 |a 1 online resource (328 p.)
336 |a text|2 rdacontent
337 |a computer|2 rdamedia
338 |a online resource|2 rdacarrier
500 |a Description based upon print version of record.
5050 |a Table of Contents Fundamentals of Detection Engineering The Detection Engineering Life Cycle Building a Detection Engineering Test Lab Detection Data Sources Investigating Detection Requirements Developing Detections Using Indicators of Compromise Developing Detections Using Behavioral Indicators Documentation and Detection Pipelines Detection Validation Leveraging Threat Intelligence Performance Management Career Guidance for Detection Engineers.
520 |a Go on a journey through the threat detection engineering lifecycle while enriching your skill set and protecting your organization Key Features Gain a comprehensive understanding of threat validation Leverage open source tools to test security detections Harness open source content to supplement detection and testing Book Description Threat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed. The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials, projects, and self-assessment questions, this guide will enable you to confidently validate the detections in your security program. By the end of this book, you'll have developed the skills necessary to test your security detection program and strengthen your organization's security measures. What you will learn Understand the detection engineering process Build a detection engineering test lab Learn how to maintain detections as code Understand how threat intelligence can be used to drive detection development Prove the effectiveness of detection capabilities to business leadership Learn how to limit attackers' ability to inflict damage by detecting any malicious activity early Who this book is for This book is for security analysts and engineers seeking to improve their organization's security posture by mastering the detection engineering lifecycle. To get started with this book, you'll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.
590 |a O'Reilly|b O'Reilly Online Learning: Academic/Public Library Edition
650 0|a Anomaly detection (Computer security)
650 0|a Computer networks|x Security measures.|9 68848
7001 |a Deyalsingh, Jason.
7001 |a Katz, Gary J.|9 202399
77608|i Print version:|a Roddie, Megan|t Practical Threat Detection Engineering|d Birmingham : Packt Publishing, Limited,c2023
85640|u https://library.access.arlingtonva.us/login?url=https://learning.oreilly.com/library/view/~/9781801076715/?ar|x O'Reilly|z eBook
938 |a Askews and Holts Library Services|b ASKH|n AH41250382
938 |a ProQuest Ebook Central|b EBLB|n EBL30610517
994 |a 92|b VIA
999 |c 359479|d 359479