Detection Engineering

Defensive Strategies, Science, and Analysis.

Use the DeTT&CT framework to assess TTP coverage, perform gap analysis, and prioritize detection engineering efforts
Techniques to Identify Active Directory Enumeration
Understanding and Detecting MITRE T1003.006 - OS Credential Dumping: DCSync