📚🔒👀 Need a good book this weekend? Want to be a Detection Engineer? Want to level up your detection game? Look no further! Check out my personal reading recommendations on the history and evolution of detection. #cybersecurity #detectionengineering #books #readinglist 🤓📖
1️⃣ First up is "An Intrusion Detection Model" by Dorothy Denning, a pioneering 1987 paper that proposes a model for intrusion detection consisting of data collection, analysis, and management.
2️⃣ "Detection Engineering: Defending Networks with Purpose" by Peter Di Giorgio discusses the importance of custom detection logic in network security.
3️⃣ "A Lone Wolf No More" proposes a system that integrates machine learning and real-time threat intelligence feeds to enhance network intrusion detection systems.
4️⃣ "The Cuckoo's Egg" by Clifford Stoll tells a true story of a computer attacker who infiltrated the Lawrence Berkeley National Laboratory in California in the 1980s, highlighting the risks and consequences of cybercrime.
5️⃣ "Security Analytics: Using Data to Detect Cyber Attacks" covers the basics of data collection and analysis as well as advanced topics such as machine learning and threat intelligence.
6️⃣ "Applied Network Security Monitoring" by Chris Sanders is a practical guide to implementing network security monitoring in an organization, covering tools and techniques for incident response and log analysis.
7️⃣ "Adversarial Tradecraft in Cybersecurity" by Dan Borges covers practical techniques and strategies related to the art of attack, defense, and deception in cybersecurity.
8️⃣ Lastly, "Essential Cybersecurity Science" by Josiah Dykstra covers a wide range of cybersecurity science topics, including human factors such as social engineering and insider threats.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Blue Team Thomas

Blue Team Thomas Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @TheEis4Extra

Mar 9
Are you interested in becoming a Detection Engineer? 🕵️‍♂️🔎

Detection Engineers play a crucial role in identifying and preventing security breaches in organizations. But what skills do you need to become one? Here's a road map to guide you. #DetectionEngineer #CyberSecurity
Technical Skills: A strong foundation in network security technologies, protocols, programming languages, and tools like IDPS, firewalls, and SIEM systems is essential.
Cybersecurity Knowledge: Understanding common attack methods, threat actors, and security best practices is crucial for detecting and preventing security breaches.
Read 10 tweets
Oct 23, 2022
My quick and dirty list of not-so-obvious complementary skills for Detection Engineers. These are the things I study on my "low-tech" days. Most of these are mindset/procces centric and require minimal technology. #infosec #CyberSecurity #DetectionEngineers #BlackTechTwitter
First up, Statistical Analysis. Statistical analysis is the process of collecting and analyzing data in order to discern patterns and trends. This is useful when establishing baselines and identifying anomalies. simplilearn.com/what-is-statis…
Second, Reasoning. Understanding the different types of reasoning and when you should apply them will allow you to efficiently analyze massive amounts of data. indeed.com/career-advice/…
Read 6 tweets
Oct 18, 2022
Here’s my quick an dirty lab workout for Detection Engineers. I do this work out 2 to 3 times a week for about 2 hours. #CyberSecurity #infosec #BlackTechTwitter
First you’ll need a lab. I don’t romanticize the struggles of building a lab. Sure, you learn a lot but you’re trying to start building detections. So I recommend using an automated set up like this one. github.com/clong/Detectio…
Next, you’ll need a way to simulate a text to your environment. My favorite for beginners is @redcanary’s atomic request team github.com/redcanaryco/at…
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(