2-Day Instructor-Led Programme
Learn detection engineering fundamentals through mentor-led sessions and practical SOC detection scenarios. This programme focuses on building detection rules, tuning alerts, reducing false positives, and mapping detections to attack frameworks.
Duration: 2 Days
Price: $1,399
Security monitoring systems generate large volumes of alerts, but effective cyber defence depends on well-designed detections that accurately identify malicious activity. Detection engineering focuses on designing, testing, and improving rules that help security teams identify threats efficiently.
This mentor-led programme introduces the practical techniques used to build and maintain effective detection rules. Learners explore detection logic, alert tuning strategies, and investigation workflows used in modern Security Operations Centres (SOC).
Through practical scenarios and guided exercises, participants practise writing detection logic, analysing false positives, and mapping detections to the MITRE ATT&CK Framework to understand attacker behaviours. By the end of the programme, learners will understand how to design high-quality detections that improve organisational security visibility.
Practical exercises creating detection rules, analysing alerts, and tuning monitoring systems.
Experienced cyber security mentors guide learners through real-world detection engineering practices.
Detection rule design and security monitoring optimisation used by SOC teams and detection engineers.
Understand detection engineering concepts and workflows
Design and implement effective detection rules
Analyse alerts and reduce false positives
Map detection logic to attacker behaviours
Improve security monitoring effectiveness
Document and maintain detection strategies
Basic knowledge of cyber security concepts.
Familiarity with SOC operations or security monitoring is recommended.
Prior experience with log analysis or SIEM tools is helpful.
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
Detection engineering focuses on designing and improving rules that identify malicious behaviour in security monitoring systems.