A Research-Driven process applied to Threat Detection Engineering Inputs
This article is an evolution of a previous one I wrote on Jira Workflows for Detection Engineering teams, but it focuses more on the detection inputs and introduces a new actor: the Detection Researcher.
What you are going to learn here:
- What are the primary INPUTS for a detection idea?
- Who or what drives the detection demand?
- How to lay out a process that takes that input and turns it into action?