Detection Engineering
Understand various threat detection methodologies, rule syntax and tools, and learn how to apply them in a SOC environment.
In this module, we shall be looking at the concepts of detection engineering, including a usable lifecycle, rule writing and testing, orchestration and automation. We’ll dive deeper into how to write detection rules using Sigma and how Windows Event alerts can be triggered using an EDR called Aurora. Additionally, we shall cover the basic concepts of Security Orchestration, Automation and Response (SOAR) and look at how you can implement playbooks and workflows in different scenarios.
0%
Intro to Detection Engineering
Introduce the concept of detection engineering and the frameworks used towards crafting effective threat detection strategies.
0%
Tactical Detection
Establish a baseline knowledge of tactical detection, leveraging efficient techniques to bolster your security posture.
0%
Threat Intelligence for SOC
Learn how to utilise Threat Intelligence to improve the Security Operations pipeline.
0%
Sigma
Provide understanding to Sigma, a Generic Signature Format for SIEM Systems.
0%
SigHunt
You are tasked to create detection rules based on a new threat intel.
0%
Aurora EDR
Familiarise with the use of a Sigma-based EDR tool, Aurora.
0%
SOAR
Learn the concepts and methodology surrounding security orchestration, automation and response.
Need to know
Cyber Threat Intelligence
Learn about identifying and using available security knowledge to mitigate and manage potential adversary actions.
Endpoint Security Monitoring
Monitoring activity on workstations is essential, as that’s where adversaries spend the most time trying to achieve their objectives.
Advanced ELK
Learn about the main components of the ELK stack by going through the installation and configuring process and linking them together to form an effective log analysis utility.
What are modules?
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
