Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Fundamentals of Detection Engineering
- Core concepts and key responsibilities
- The detection engineering lifecycle
- Essential tools and telemetry sources
Understanding Log Sources
- Endpoint logs and event artifacts
- Network traffic and flow data
- Cloud and identity provider logs
Threat Intelligence for Detection
- Various types of threat intelligence
- Utilizing TI to guide detection design
- Mapping threats to relevant log sources
Developing Effective Detection Rules
- Rule logic and pattern structures
- Distinguishing behavioral detection from signature-based activity
- Utilizing Sigma, Elastic, and SIEM rules
Alert Tuning and Optimization
- Minimizing false positives
- Iterative refinement of rules
- Understanding alert context and thresholds
Investigation Techniques
- Validating detections
- Pivoting across different data sources
- Documenting findings and investigation notes
Operationalizing Detections
- Versioning and change management
- Deploying rules to production systems
- Monitoring rule performance over time
Advanced Concepts for Junior Engineers
- Alignment with MITRE ATT&CK framework
- Data normalization and parsing
- Automation opportunities in detection workflows
Summary and Next Steps
Requirements
- A solid understanding of basic networking principles
- Practical experience using operating systems such as Windows or Linux
- Familiarity with fundamental cybersecurity terminology
Target Audience
- Junior analysts interested in security monitoring
- New members of SOC teams
- IT professionals transitioning into detection engineering
21 Hours
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
It did give me the insight what I needed :) I am starting teaching on a BTEC Level 3 qualification and wanted to widen my knowledge in this area.