2 docs tagged with "detection-engineering"

Master threat intelligence lifecycle, MITRE ATT&CK, Kill Chain, Diamond Model, IoC/IoA classification, YARA/Sigma rules, and TI operationalization.

Build detection pipelines with Sigma rules, YARA, Elastic EQL, and Splunk SPL; automate response with SOAR; validate coverage with ATT&CK and Atomic Red Team.