Security Logging & Monitoring
Work in Progress
This section is a work in progress: it will probably change drastically in the coming days.
Programs
Link | Description |
---|---|
Snowflake Threat Detection Maturity Framework | How do you measure the success or maturity of a Threat Detection program? What should a Threat Detection team roadmap look like? What is the north star for Threat Detection? |
SpecterOps Prioritization of the Detection Engineering Backlog | A prioritization strategy based on inputs for the detection engineering backlog |
Expel How much does it cost to build a 24x7 SOC? | Not all 24x7 SOCs are created equal. In this post, the Expel team outlines four possible security operations centers and an estimate of their cost. |
Detections
Link | Description |
---|---|
SpecterOps Detections of Past, Present, and Future | Post discussing an often overlooked component of building detections: the point in time (the "when") that a detection covers |
SpecterOps Evadere Classifications. Introduction | Deep dive into the different types of evasion and bypasses an adversary will use during an attack chain. |