Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Foundations of Detection Engineering
- Core concepts and responsibilities.
- The detection engineering lifecycle.
- Key tools and telemetry sources.
Understanding Log Sources
- Endpoint logs and event artifacts.
- Network traffic and flow data.
- Cloud and identity provider logs.
Threat Intelligence for Detection
- Types of threat intelligence.
- Using threat intelligence to inform detection design.
- Mapping threats to relevant log sources.
Building Effective Detection Rules
- Rule logic and pattern structures.
- Detecting behavioral versus signature-based activity.
- Utilizing Sigma, Elastic, and SO rules.
Alert Tuning and Optimization
- Minimizing false positives.
- Iterative rule refinement.
- Understanding alert context and thresholds.
Investigation Techniques
- Validating detections.
- Pivoting across data sources.
- Documenting findings and investigation notes.
Operationalizing Detections
- Versioning and change management.
- Deploying rules to production systems.
- Monitoring rule performance over time.
Advanced Concepts for Junior Engineers
- Alignment with MITRE ATT&CK.
- Data normalization and parsing.
- Automation opportunities in detection workflows.
Summary and Next Steps
Requirements
- A foundational understanding of basic networking concepts.
- Practical experience with operating systems such as Windows or Linux.
- Familiarity with fundamental cybersecurity terminology.
Audience
- Junior analysts interested in security monitoring.
- New members of SOC teams.
- IT professionals transitioning into detection engineering roles.
21 Hours
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
It did give me the insight what I needed :) I am starting teaching on a BTEC Level 3 qualification and wanted to widen my knowledge in this area.