Threat Detection & Intelligence
Threat detection is how organizations find attackers already inside their environment and stop them before they reach their objectives. This module covers SIEM, SOC operations, threat intelligence, threat hunting, log management, and detection engineering.
Pages
| Page | Description |
|---|---|
| SIEM Fundamentals | SIEM architecture, log collection, correlation, SPL/KQL |
| SOC Operations | SOC tiers, metrics, shift handoff, escalation |
| Threat Intelligence | CTI lifecycle, OSINT, MITRE ATT&CK, STIX/TAXII |
| Threat Hunting | Hypothesis hunting, Pyramid of Pain, Velociraptor |
| Detection Engineering | Sigma rules, detection as code, Atomic Red Team |
| Log Management | Windows Event Logging, Sysmon, syslog, ELK pipeline |
| Detection Lab | Hands-on: deploy an ELK stack and write a detection rule |
| Flashcards | Test your knowledge |