Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Automating Security Detection Engineering
  • Table Of Contents Toc
Automating Security Detection Engineering

Automating Security Detection Engineering

By : Dennis Chow
4.6 (11)
close
close
Automating Security Detection Engineering

Automating Security Detection Engineering

4.6 (11)
By: Dennis Chow

Overview of this book

Today's global enterprise security programs grapple with constantly evolving threats. Even though the industry has released abundant security tools, most of which are equipped with APIs for integrations, they lack a rapid detection development work stream. This book arms you with the skills you need to automate the development, testing, and monitoring of detection-based use cases. You’ll start with the technical architecture, exploring where automation is conducive throughout the detection use case lifecycle. With the help of hands-on labs, you’ll learn how to utilize threat-informed defense artifacts and then progress to creating advanced AI-powered CI/CD pipelines to bolster your Detection as Code practices. Along the way, you'll develop custom code for EDRs, WAFs, SIEMs, CSPMs, RASPs, and NIDS. The book will also guide you in developing KPIs for program monitoring and cover collaboration mechanisms to operate the team with DevSecOps principles. Finally, you'll be able to customize a Detection as Code program that fits your organization's needs. By the end of the book, you'll have gained the expertise to automate nearly the entire use case development lifecycle for any enterprise.
Table of Contents (16 chapters)
close
close
Lock Free Chapter
1
Part 1: Automating Detection Inputs and Deployments
6
Part 2: Automating Validations within CI/CD Pipelines
10
Part 3: Monitoring Program Effectiveness

Summary

In this chapter, we’ve learned about the core concepts of what’s involved in successfully managing use cases for detection-engineering-focused teams. These include a life cycle that involves establishing requirements, development, testing, implementation, and deprecation. To facilitate that life cycle, we needed to determine what technology components and solutions were able to achieve this in a highly automated capacity.

Choosing the types of technologies based on organization-approved solutions and stack requirements included version control system, build job running compute, build time testing instrumentation, secrets management, and ensuring adequate support for each enterprise tool that was available in their APIs and an established use case syntax.

We finally wrapped up all of our decisions by utilizing a simple checklist, decision, and justification matrix to help our organization understand the impact and advantages of investing time and resources...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Automating Security Detection Engineering
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon