TCM Security – Detection Engineering for Beginners 2024-9

Detection Engineering for Beginners. This step-by-step course introduces you to the concepts and skills needed to become a detection engineer. From understanding the basics to the practical implementation of a detection engineering architecture, this course covers everything.

What you will learn:

• Understanding Security Operations: Deep understanding of security operations
• Logging Systems: Introduction to the different types of systems that generate logs
• Invasive Testing: Learn to create invasive tests to generate logs for diagnosis.
• Testing Framework: Working with a testing framework to generate logs
• Documenting diagnoses: Learn how to accurately document diagnoses.
• Verification with code: Writing code to verify diagnostic documents
• Interacting with the SIEM API: Using Python to interact with the Security Event Management (SIEM) System API
• GitHub Actions: Use GitHub Actions to automate API reviews and interactions
• Diagnostic metrics: Writing code to create diagnostic metrics

This course is suitable for people who:

• This course is suitable for people who want to get started in the field of diagnostic engineering. Previous knowledge of security operations, log searching, security analysis, or any other related skills would be helpful but not required.