Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Solutions for Emerging Risks

Discover tailored resources that translate emerging threats into actionable strategies

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Detection Engineering: Defending Networks with Purpose

Download File
Detection Engineering: Defending Networks with Purpose (PDF, 4.30MB)Published: 21 Jul, 2021
Created by
Peter Di Giorgio

Detection engineering is becoming a common term in the information security industry, but it is still a maturing concept. From the perspective of a military philosopher, this paper will explore the tactics, techniques, and procedures behind detection engineering. The goal is to give analysts, researchers, and decision-makers tools to apply in their organizations today. This research explores a method to template threats to an organization, analyze a capability against the threat template for detection gaps, and engineer detections to close observed gaps. With a handful of open-source tools, it will be possible to achieve a military-grade defensive posture. Network defenders will be able to use detection engineering to defend networks with knowledge and purpose.