Talk With an Expert

SANS Detection Engineering Survey: Detection Engineering Best Practices for Implementing a Threat-Informed Defense

SANS Detection Engineering Survey: Detection Engineering Best Practices for Implementing a Threat-Informed Defense (PDF, 0.76MB)Published: 29 Nov, 2023
Created by
John Pescatore
John Pescatore

It takes skilled people, and effective, efficient tools to make sure you can create, validate, and maintain detection signatures that will provide full coverage of real-world attacks while minimizing false positives and false negatives. In this paper, SANS Director of Emerging Security Trends John Pescatore analyzes data from our recent survey on the state of the practice in detection engineering to provide guidance about improving your capabilities in keeping up with rapidly changing threats.

Meet the expert

John Pescatore
John Pescatore

John Pescatore

John Pescatore has been the Director of Emerging Security Trends at SANS Institute since 2013. Before that, he worked in computer and network security for organizations like the NSA, U.S. Secret Service, and Gartner, Inc.

Read more about John Pescatore