📚🔒👀 Need a good book this weekend? Want to be a Detection Engineer? Want to level up your detection game? Look no further! Check out my personal reading recommendations on the history and evolution of detection. #cybersecurity #detectionengineering #books #readinglist 🤓📖
1️⃣ First up is "An Intrusion Detection Model" by Dorothy Denning, a pioneering 1987 paper that proposes a model for intrusion detection consisting of data collection, analysis, and management.
2️⃣ "Detection Engineering: Defending Networks with Purpose" by Peter Di Giorgio discusses the importance of custom detection logic in network security.
3️⃣ "A Lone Wolf No More" proposes a system that integrates machine learning and real-time threat intelligence feeds to enhance network intrusion detection systems.
4️⃣ "The Cuckoo's Egg" by Clifford Stoll tells a true story of a computer attacker who infiltrated the Lawrence Berkeley National Laboratory in California in the 1980s, highlighting the risks and consequences of cybercrime.
5️⃣ "Security Analytics: Using Data to Detect Cyber Attacks" covers the basics of data collection and analysis as well as advanced topics such as machine learning and threat intelligence.
6️⃣ "Applied Network Security Monitoring" by Chris Sanders is a practical guide to implementing network security monitoring in an organization, covering tools and techniques for incident response and log analysis.
7️⃣ "Adversarial Tradecraft in Cybersecurity" by Dan Borges covers practical techniques and strategies related to the art of attack, defense, and deception in cybersecurity.
8️⃣ Lastly, "Essential Cybersecurity Science" by Josiah Dykstra covers a wide range of cybersecurity science topics, including human factors such as social engineering and insider threats.
Are you interested in becoming a Detection Engineer? 🕵️♂️🔎
Detection Engineers play a crucial role in identifying and preventing security breaches in organizations. But what skills do you need to become one? Here's a road map to guide you. #DetectionEngineer #CyberSecurity
Technical Skills: A strong foundation in network security technologies, protocols, programming languages, and tools like IDPS, firewalls, and SIEM systems is essential.
Cybersecurity Knowledge: Understanding common attack methods, threat actors, and security best practices is crucial for detecting and preventing security breaches.
My quick and dirty list of not-so-obvious complementary skills for Detection Engineers. These are the things I study on my "low-tech" days. Most of these are mindset/process centric and require minimal technology. #infosec #CyberSecurity #DetectionEngineers #BlackTechTwitter
First up, Statistical Analysis. Statistical analysis is the process of collecting and analyzing data in order to discern patterns and trends. This is useful when establishing baselines and identifying anomalies. simplilearn.com/what-is-statis…
Second, Reasoning. Understanding the different types of reasoning and when you should apply them will allow you to efficiently analyze massive amounts of data. indeed.com/career-advice/…
Here’s my quick and dirty lab workout for Detection Engineers. I do this workout 2 to 3 times a week for about 2 hours. #CyberSecurity #infosec #BlackTechTwitter
First you’ll need a lab. I don’t romanticize the struggles of building a lab. Sure, you learn a lot but you’re trying to start building detections. So I recommend using an automated set up like this one. github.com/clong/Detectio…
Next, you’ll need a way to simulate an attack in your environment. My favorite for beginners is @redcanary’s Atomic Red Team github.com/redcanaryco/at…