What to expect

This publication is broken down into three primary parts:

• The foundation: getting organized with frameworks and structure

• Application: putting concepts into practice

• Advancement: insights and methods to evolve the paradigm

Part 1 of this publication introduces and explores the use of incorporated frameworks — unified under a singular framework — and how they can be leveraged to better understand the principles and components involved in getting a detection engineering program operationalized smoothly. Part 2 will shift focus to applying detection engineering, where the foundational concepts are put into practice. Finally, part 3 will explore and discuss more advanced and burgeoning topics and new proposals. This is meant to invoke critical considerations for the sake of evolving the paradigm.