diff --git a/README.md b/README.md index cc42609..8e4b705 100644 --- a/README.md +++ b/README.md 
@@ -64,39 +64,4 @@ - [Detection Engineering Twitter List | Zack Allen](https://twitter.com/i/lists/1629936556298436608) - A Twitter list of Detection Engineering thought leaders. - [DETT&CT: MAPPING YOUR BLUE TEAM TO MITRE ATT&CK™](https://www.mbsecure.nl/blog/2019/5/dettact-mapping-your-blue-team-to-mitre-attack) - [Awesome Kubernetes (K8s) Threat Detection](https://github.com/jatrost/awesome-kubernetes-threat-detection) - Another Awesome List dedicated to Kubernetes (K8s) threat detection. -- [Living Off the Living Off the Land](https://lolol.farm) - A collection of resources for thriving off the land. - -## Blog Archive - -### 2023 - -- [From soup to nuts: Building a Detection-as-Code pipeline | David French](https://medium.com/threatpunter/from-soup-to-nuts-building-a-detection-as-code-pipeline-28945015fc38) - -### 2022 -- [Table stakes for Detection Engineering | Zack Allen](https://www.detectionengineering.net/p/table-stakes-for-detection-engineering) -- [Building the Threat Detection Ecosystem at Brex | Julie Agnes Sparks](https://medium.com/brexeng/building-the-threat-detection-ecosystem-at-brex-215e98b2f1bc) -- [Leveraging the Apple ESF for Behavioral Detections | Jaron Bradley, Matt Benyo](https://m.youtube.com/watch?v=AlN59giec0M) -- [CI/CD Detection Engineering: Dockerizing for Scale, Part 4 | Splunk Research Team](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-dockerizing-for-scale-part-4.html) -- [Capturing Detection Ideas to Improve Their Impact | Florian Roth](https://cyb3rops.medium.com/capturing-detection-ideas-to-improve-their-impact-311cf4e1c7a8) -- [About Detection Engineering | Florian Roth](https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0) -- [How to Write an Actionable Alert | Daniel Wyleczuk-Stern](https://catscrdl.io/blog/howtowriteanactionablealert/) -- [Democratizing Security Detection | Palantir](https://medium.com/palantir/democratizing-security-detection-71c689b667a5) - -### 2021 - -- 
[Detection-as-Code — Testing | Kyle Bailey](https://medium.com/@kyle-bailey/detection-as-code-testing-c03b0eea7fb8) -- [Practical Detection-as-Code | Brendan Chamberlain](https://medium.com/@infosecb/practical-detection-as-code-8a8fe7c65676) -- [Simple Anomaly Detection Using Plain SQL | Haki Benita](https://hakibenita.com/sql-anomaly-detection) -- [Detection Engineering: Defending Networks with Purpose | Peter Di Giorgio](https://www.sans.org/white-papers/40400/) - -### 2020 - -- [Detection Engineering using Apple's Endpoint Security Framework | Richie Cyrus](https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02) -- [So, You Want to Be a Detection Engineer? | Josh Day](https://blog.gigamon.com/2020/02/24/so-you-want-to-be-a-detection-engineer/) - -### Older -- CI/CD Detection Engineering: Splunk's Security Content, [Part 1](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-splunk-security-content-part-1.html) Splunk's Attack Range, [Part 2](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-splunk-s-attack-range-part-2.html) Failing, [Part 3](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-failing-part-3.html) | José Enrique Hernandez - A three part blog series loosely describing how to deploy detection as code in a Splunk environment using the Splunk Security Research team's Security Content. 
-- [Behind the Scenes with Red Canary's Detection Engineering Team | Kyle Rainey](https://redcanary.com/blog/detection-engineering/) -- [A SOCless Detection Team at Netflix](https://www.linkedin.com/pulse/socless-detection-team-netflix-alex-maestretti/) -- [The Four Types of Threat Detection | Sergio Caltagirone, Robert Lee](https://www.dragos.com/wp-content/uploads/The_Four_Types-of_Threat_Detection.pdf) -- [Lessons Learned in Detection Engineering | Ryan McGeehan](https://medium.com/starting-up-security/lessons-learned-in-detection-engineering-304aec709856) - A well experienced detection engineer describes in detail his observations, challenges, and recommendations for building an effective threat detection program. +- [Living Off the Living Off the Land](https://lolol.farm) - A collection of resources for thriving off the land. \ No newline at end of file diff --git a/archive/blog-archive.md b/archive/blog-archive.md new file mode 100644 index 0000000..3ae05a4 --- /dev/null +++ b/archive/blog-archive.md 
@@ -0,0 +1,34 @@ +## Blog Archive + +### 2023 + +- [From soup to nuts: Building a Detection-as-Code pipeline | David French](https://medium.com/threatpunter/from-soup-to-nuts-building-a-detection-as-code-pipeline-28945015fc38) + +### 2022 +- [Table stakes for Detection Engineering | Zack Allen](https://www.detectionengineering.net/p/table-stakes-for-detection-engineering) +- [Building the Threat Detection Ecosystem at Brex | Julie Agnes Sparks](https://medium.com/brexeng/building-the-threat-detection-ecosystem-at-brex-215e98b2f1bc) +- [Leveraging the Apple ESF for Behavioral Detections | Jaron Bradley, Matt Benyo](https://m.youtube.com/watch?v=AlN59giec0M) +- [CI/CD Detection Engineering: Dockerizing for Scale, Part 4 | Splunk Research Team](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-dockerizing-for-scale-part-4.html) +- [Capturing Detection Ideas to Improve Their Impact | Florian Roth](https://cyb3rops.medium.com/capturing-detection-ideas-to-improve-their-impact-311cf4e1c7a8) +- [About Detection Engineering | Florian Roth](https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0) +- [How to Write an Actionable Alert | Daniel Wyleczuk-Stern](https://catscrdl.io/blog/howtowriteanactionablealert/) +- [Democratizing Security Detection | Palantir](https://medium.com/palantir/democratizing-security-detection-71c689b667a5) + +### 2021 + +- [Detection-as-Code — Testing | Kyle Bailey](https://medium.com/@kyle-bailey/detection-as-code-testing-c03b0eea7fb8) +- [Practical Detection-as-Code | Brendan Chamberlain](https://medium.com/@infosecb/practical-detection-as-code-8a8fe7c65676) +- [Simple Anomaly Detection Using Plain SQL | Haki Benita](https://hakibenita.com/sql-anomaly-detection) +- [Detection Engineering: Defending Networks with Purpose | Peter Di Giorgio](https://www.sans.org/white-papers/40400/) + +### 2020 + +- [Detection Engineering using Apple's Endpoint Security Framework | Richie 
Cyrus](https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02) +- [So, You Want to Be a Detection Engineer? | Josh Day](https://blog.gigamon.com/2020/02/24/so-you-want-to-be-a-detection-engineer/) + +### Older +- CI/CD Detection Engineering: Splunk's Security Content, [Part 1](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-splunk-security-content-part-1.html) Splunk's Attack Range, [Part 2](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-splunk-s-attack-range-part-2.html) Failing, [Part 3](https://www.splunk.com/en_us/blog/security/ci-cd-detection-engineering-failing-part-3.html) | José Enrique Hernandez - A three part blog series loosely describing how to deploy detection as code in a Splunk environment using the Splunk Security Research team's Security Content. +- [Behind the Scenes with Red Canary's Detection Engineering Team | Kyle Rainey](https://redcanary.com/blog/detection-engineering/) +- [A SOCless Detection Team at Netflix](https://www.linkedin.com/pulse/socless-detection-team-netflix-alex-maestretti/) +- [The Four Types of Threat Detection | Sergio Caltagirone, Robert Lee](https://www.dragos.com/wp-content/uploads/The_Four_Types-of_Threat_Detection.pdf) +- [Lessons Learned in Detection Engineering | Ryan McGeehan](https://medium.com/starting-up-security/lessons-learned-in-detection-engineering-304aec709856) - A well experienced detection engineer describes in detail his observations, challenges, and recommendations for building an effective threat detection program. \ No newline at end of file
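Review bot: the README.md hunk removes the entire Blog Archive section (2023 through Older) without adding any pointer to where it went, so a reader of the README has no way to discover `archive/blog-archive.md`; suggest replacing the removed block with a single entry such as `- [Blog Archive](archive/blog-archive.md) - Detection engineering blog posts, organized by year.` Also, the re-added `- [Living Off the Living Off the Land](https://lolol.farm)` line is now marked `\ No newline at end of file`; restoring the trailing newline avoids the same delete-and-re-add churn on the next edit.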
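Review bot: the new archive/blog-archive.md opens with `## Blog Archive`, a second-level heading copied verbatim from the README; as a standalone page it should start with a first-level `# Blog Archive`, with the year headings promoted to `##` to match. Minor style points in the same hunk: `### 2022` and `### Older` are not followed by a blank line while `### 2023`, `### 2021` and `### 2020` are, and the file ends with `\ No newline at end of file`; a blank line after each heading and a trailing newline would keep the file consistent with the README it came from.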