Are you interested in becoming a Detection Engineer? 🕵️‍♂️🔎

Detection Engineers play a crucial role in identifying and preventing security breaches in organizations. But what skills do you need to become one? Here's a road map to guide you. #DetectionEngineer #CyberSecurity
Technical Skills: A strong foundation in network security technologies, protocols, programming languages, and tools like IDPS, firewalls, and SIEM systems is essential.
Cybersecurity Knowledge: Understanding common attack methods, threat actors, and security best practices is crucial for detecting and preventing security breaches.
Adversarial Tradecraft: Knowledge of the techniques attackers use to gain unauthorized access to systems, networks, or data is essential; you cannot write a reliable detection for behaviour you do not understand.
Analytical Skills: The ability to analyze large volumes of data and identify potential threats and suspicious activities is critical.
Statistics: Quantify and measure the effectiveness of your detection logic with statistical data about events and alerts, such as true-positive and false-positive rates per rule and baselines for normal event volume.
Communication Skills: Effective communication with technical and non-technical stakeholders is essential to ensure potential threats are identified and addressed promptly.
Problem Solving Skills: The ability to identify and solve complex problems quickly and make decisions under pressure is essential.
Continuous Learning: The world of cybersecurity is constantly evolving, and Detection Engineers must be proactive in seeking out new information and resources to improve their skills and knowledge.
Remember, this road map is a foundational guide, and many DEs have additional skills that make them excellent at their work. Keep learning, keep growing, and keep your organization safe from cyber threats! #DetectionEngineer #Cybersecurity #ContinuousLearning

More from @TheEis4Extra

Mar 10
📚🔒👀 Need a good book this weekend? Want to be a Detection Engineer? Want to level up your detection game? Look no further! Check out my personal reading recommendations on the history and evolution of detection. #cybersecurity #detectionengineering #books #readinglist 🤓📖
1️⃣ First up is "An Intrusion Detection Model" by Dorothy Denning, a pioneering 1987 paper that proposes a model for intrusion detection consisting of data collection, analysis, and management.
2️⃣ "Detection Engineering: Defending Networks with Purpose" by Peter Di Giorgio discusses the importance of custom detection logic in network security.
Oct 23, 2022
My quick and dirty list of not-so-obvious complementary skills for Detection Engineers. These are the things I study on my "low-tech" days. Most of these are mindset/process centric and require minimal technology. #infosec #CyberSecurity #DetectionEngineers #BlackTechTwitter
First up, Statistical Analysis. Statistical analysis is the process of collecting and analyzing data in order to discern patterns and trends. This is useful when establishing baselines and identifying anomalies. simplilearn.com/what-is-statis…
Second, Reasoning. Understanding the different types of reasoning and when you should apply them will allow you to efficiently analyze massive amounts of data. indeed.com/career-advice/…
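The Statistics item in the road map above and the Statistical Analysis tweet here both describe the same practice: measuring detection logic with numbers rather than gut feeling. The Python script below is an added example, not code from the thread or its author. It computes precision per rule from analyst triage verdicts, recall against confirmed incidents that raised no alert, and a rolling-baseline z-score check for event-volume anomalies. Every alert, incident count and daily event count in it is constructed sample data; the rule names are hypothetical.

```python
"""Added example (not from the thread): measuring detection logic with
basic statistics. All alerts, incidents and event counts below are
constructed sample data."""
from collections import Counter
from statistics import mean, pstdev

# Constructed triage log: one entry per alert, with the (hypothetical) rule
# that fired and the analyst verdict (True = confirmed malicious,
# False = false positive).
SAMPLE_ALERTS = [
    {"rule": "encoded_powershell", "true_positive": True},
    {"rule": "encoded_powershell", "true_positive": True},
    {"rule": "encoded_powershell", "true_positive": False},
    {"rule": "encoded_powershell", "true_positive": True},
    {"rule": "rundll32_no_args", "true_positive": False},
    {"rule": "rundll32_no_args", "true_positive": False},
    {"rule": "rundll32_no_args", "true_positive": True},
    {"rule": "rundll32_no_args", "true_positive": False},
    {"rule": "rundll32_no_args", "true_positive": False},
    {"rule": "lsass_handle_open", "true_positive": True},
    {"rule": "lsass_handle_open", "true_positive": True},
]

# Constructed: confirmed incidents (e.g. from IR or a purple-team exercise)
# that produced no alert at all. Needed for recall; alert data alone
# cannot tell you what you missed.
SAMPLE_MISSED_INCIDENTS = 2

# Constructed: daily count of events feeding one rule over two weeks.
# The last day is a deliberate spike.
SAMPLE_DAILY_COUNTS = [120, 118, 125, 130, 122, 119, 124,
                       121, 127, 123, 118, 126, 120, 310]


def rule_precision(alerts):
    """Precision per rule: confirmed true positives / all alerts it raised.
    Low precision means analysts spend time on noise; tune or retire the rule."""
    fired = Counter(a["rule"] for a in alerts)
    confirmed = Counter(a["rule"] for a in alerts if a["true_positive"])
    return {rule: confirmed[rule] / total for rule, total in fired.items()}


def overall_recall(alerts, missed_incidents):
    """Recall of the whole rule set: TP / (TP + incidents that raised no alert)."""
    tp = sum(1 for a in alerts if a["true_positive"])
    denominator = tp + missed_incidents
    return tp / denominator if denominator else 0.0


def rolling_baseline_outliers(counts, window=7, threshold=3.0):
    """Return the indices of days whose event volume deviates from the mean of
    the preceding `window` days by more than `threshold` standard deviations.
    The baseline excludes the day under test, so a spike cannot hide itself
    by inflating its own baseline."""
    outliers = []
    for i in range(window, len(counts)):
        baseline = counts[i - window:i]
        mu = mean(baseline)
        sigma = pstdev(baseline)
        if sigma == 0:
            # Perfectly flat baseline: any change at all is an anomaly.
            if counts[i] != mu:
                outliers.append(i)
            continue
        if abs(counts[i] - mu) / sigma > threshold:
            outliers.append(i)
    return outliers


if __name__ == "__main__":
    for rule, p in sorted(rule_precision(SAMPLE_ALERTS).items()):
        print(f"{rule:<22} precision={p:.2f}")
    print(f"overall recall={overall_recall(SAMPLE_ALERTS, SAMPLE_MISSED_INCIDENTS):.2f}")
    print("volume anomalies on days:", rolling_baseline_outliers(SAMPLE_DAILY_COUNTS))
```

On the constructed data the rundll32 rule shows 20% precision, which is the kind of number that justifies tuning it, and the volume check flags only the final day. The recall figure depends entirely on tracking incidents that produced no alert, which is why the missed-incident count is a separate input rather than something derived from the alert log.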
Oct 18, 2022
Here's my quick and dirty lab workout for Detection Engineers. I do this workout 2 to 3 times a week for about 2 hours. #CyberSecurity #infosec #BlackTechTwitter
First you’ll need a lab. I don’t romanticize the struggles of building a lab. Sure, you learn a lot but you’re trying to start building detections. So I recommend using an automated set up like this one. github.com/clong/Detectio…
Next, you'll need a way to simulate an attack in your environment. My favorite for beginners is @redcanary's Atomic Red Team github.com/redcanaryco/at…