I contributed the chapter “Building Loosely Coupled Threat Detection Systems” to Splunk SURGe’s book, Bluenomicon: The Network Defender’s Compendium. The book is a collection of essays from security professionals on a variety of topics, from threat hunting to incident response to cloud security, and it’s “free” (requires contact info). I also have several physical copies if anyone wants one.
Bluenomicon: Building Loosely Coupled Threat Detection Systems.
