Overview
Explore a modern approach to detection engineering using CI/CD in this 30-minute RSA Conference talk. Learn how to automate detection rule testing with Attack Range, an open-source tool for simulating adversary attacks in lab environments. Discover the CI/CD workflow for detection engineering, including the detection schema used when committing a detection, branching workflows, and detection conversion and packaging. Dive into Mordor Labs and the Attack Range architecture and commands. Understand how to send notifications of test outcomes and how to deploy detections effectively. Apply these techniques to enhance your organization's security posture through streamlined detection development processes.
Syllabus
Intro
CI/CD Workflow - Detection Engineering
Commit detection - detection schema
Commit detection - Branching workflow
Convert Detection & Package Detection
Test Detections
Mordor Labs
Attack Range Architecture
Attack Range Commands
Notify of test outcome
Deploy detections
Apply What You Have Learned Today
Taught by
RSA Conference