This blog post was co-authored with Charlie Clark and Andrew Schwartz from TrustedSec 1 Introduction One thing often forgotten is that detection engineering isn’t always centered around 1 action to 1 query but also to drive effective incident response to optimize the triage of an alert. This is best served with context.

Source: Binary Defense