My quick and dirty list of not-so-obvious complementary skills for Detection Engineers. These are the things I study on my "low-tech" days. Most of these are mindset/process-centric and require minimal technology. #infosec #CyberSecurity #DetectionEngineers #BlackTechTwitter
First up, Statistical Analysis. Statistical analysis is the process of collecting and analyzing data in order to discern patterns and trends. This is useful when establishing baselines and identifying anomalies. simplilearn.com/what-is-statis…
Second, Reasoning. Understanding the different types of reasoning and when you should apply them will allow you to efficiently analyze massive amounts of data. indeed.com/career-advice/…
Third, Storytelling. Storytelling enables you to interpret and understand adversarial patterns as a narrative instead of isolated events. This will enable you to connect potential targets, TTP, and observed behaviors to more accurately build detections. education.nationalgeographic.org/resource/eleme…
Next up is Capability Abstraction. Capability abstraction allows DEs to verify the quality, coverage, and effectiveness of their detections. @jaredcatkinson (ooooooosiiiixx🤙🏾🦍) does a much better job than I can do explaining this.
Finally, before I dip, is CI/CD. Detections require maintenance and adjusting to emerging threats. Adopting a CI/CD mindset allows us to push detections with speed and scale to enable the SOC to be more effective.
