Security Logging & Monitoring

Work in Progress

This section is a work in progress: it will probably change drastically in the coming days.

Programs

| Link | Description |
| --- | --- |
| Snowflake: Threat Detection Maturity Framework | How do you measure the success or maturity of a Threat Detection program? What should a Threat Detection team roadmap look like? What is the north star for Threat Detection? |
| SpecterOps: Prioritization of the Detection Engineering Backlog | A prioritization strategy based on inputs for the detection engineering backlog. |
| Expel: How much does it cost to build a 24x7 SOC? | Not all 24x7 SOCs are created equal. In this post, the Expel team outlines four possible security operations centers and an estimate of their cost. |

Detections

| Link | Description |
| --- | --- |
| SpecterOps: Detections of Past, Present, and Future | Post discussing an often overlooked component of building detections: the "when" in time that a detection covers. |
| SpecterOps: Evadere Classifications. Introduction | Deep dive into the different types of evasion and bypasses an adversary will use during an attack chain. |