all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Trying to understand threat detection engineering.

Add to bookmarks
Nov. 8, 2023, 4:22 p.m. | /u/killersmodReddit

cybersecurity www.reddit.com

So I have been tasked with creating siem and edr rules. However I am finding it diffucult to do what i would call a true value add.


We use windows defender + edr.
We use all of AWS security services
We have siem + soar
We use pulses and feeds for live IOC


I find it difficult to add rules other than for trending/new threats and internal policy violations. Any books, courses, materials I can try would be super nice. …

aws call cybersecurity defender detection detection engineering edr engineering ioc live rules security security services services siem soar threat threat detection threat detection engineering understand value windows windows defender

Visit resource

More from www.reddit.com / cybersecurity

Millions of Malicious Containers Found on Docker Hub 2 hours ago | www.reddit.com
containers cybersecurity docker docker hub +3
Marriott admits it falsely claimed for five years it was using encryption during 2018 breach 2 hours ago | www.reddit.com
breach cybersecurity encryption marriott
What sets apart the best cybersecurity people from the rest of the crowd? 3 hours ago | www.reddit.com
ccna competition crowd cybersecurity +7
Splunk Boss of the SOC - Thoughts? 4 hours ago | www.reddit.com
boss cheers competition cybersecurity +4
A Citrix portal with no multi-factor authentication led to the hack of UnitedHealth subsidiary, Change … 5 hours ago | www.reddit.com
cybersecurity
How an empty S3 bucket can make your AWS bill explode 8 hours ago | www.reddit.com
aws bill can cybersecurity +1
What Certifications to do? 9 hours ago | www.reddit.com
apprenticeship ask beginner can +14
Adopting Pentesting into an SDLC 9 hours ago | www.reddit.com
apps bank bosses clients +9
CrushFTP vulnerability CVE-2024-4040: what you need to know 16 hours ago | www.reddit.com
crushftp cve cve-2024 cve-2024-4040 +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs