From the course: Modern Security Operation by Google
Example workflows
- [Instructor] To illustrate this in a real-world scenario, suppose there is a malicious email attachment. Here is an example of the engineering workflow that would take place. The workflow begins with use case research and creation. The cyber threat engineering team, leveraging insights from Mandiant Threat Intelligence, conducts research on the latest email-based threats, including malicious attachments. They identify relevant indicators, attack techniques, and patterns associated with these threats. Based on their research, they create use cases in Jira, outlining the specific criteria and logic for detecting malicious email attachments and mapping them to the MITRE ATT&CK framework. Analytics development then takes place. The detection engineering team leverages the use cases developed in Jira and collaborates with the previous teams to ensure that Chronicle SIEM, the organization's security information and event…