Topic

Detection and response

Use this topic for SOC requests, hunts, detection drafts, response actions, escalation, and action tracking.

Tools

Sigma, YARA, and Hunt helpers

Draft starting points for detection logic, then tune in your environment.

Sigma, YARA, Hunt

Playbook

SOC Handoff Examples

Send specific telemetry, hunt, IOC, and monitoring requests with caveats.

Open handoffs

Playbook

Action Tracker

Keep owners, state, notes, and review dates attached to response work.

Open tracker

Guide

Detection Readiness

Understand whether telemetry and ownership can support a detection request.

Open guide

Practice

Signal Sorter Rush

Practice sorting clues into exploitation, exposure, remediation, trust, and business context.

Play

View all detection and response content