Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Foundations of Detection Engineering
- Core concepts and job responsibilities
- The detection engineering lifecycle
- Essential tools and telemetry sources
Understanding Log Sources
- Endpoint logs and event artifacts
- Network traffic and flow data
- Logs from cloud and identity providers
Threat Intelligence for Detection
- Categories of threat intelligence
- Utilising TI to shape detection design
- Linking threats to appropriate log sources
Constructing Effective Detection Rules
- Rule logic and pattern structures
- Identifying behavioural versus signature-based activity
- Utilising Sigma, Elastic, and SO rules
Alert Tuning and Optimisation
- Minimising false positives
- Iterative refinement of rules
- Grasping alert context and thresholds
Investigation Techniques
- Validating detections
- Pivoting across various data sources
- Documenting findings and investigation notes
Operationalising Detections
- Versioning and change management
- Deploying rules to production environments
- Monitoring rule performance over time
Advanced Concepts for Junior Engineers
- Alignment with MITRE ATT&CK
- Data normalisation and parsing
- Opportunities for automation in detection workflows
Summary and Next Steps
Requirements
- A grasp of fundamental networking principles
- Experience using operating systems such as Windows or Linux
- Awareness of basic cybersecurity terminology
Target Audience
- Junior analysts keen on security monitoring
- Newly recruited SOC team members
- IT professionals transitioning into detection engineering
21 Hours
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
It did give me the insight what I needed :) I am starting teaching on a BTEC Level 3 qualification and wanted to widen my knowledge in this area.