Foundation¶

Before patrolling the digital streets, earn the city’s twisted geography and the motives of its villains. These pages describe a map and criminal taxonomy: mastering the MITRE ATT&CK framework to understand guild methods, learning Detection-as-Code to write reliable watch procedures, and studying Sigma rules to translate suspicious whispers from every district—be it a log from the Seamstresses’ Guild or an alert from the Assassins’ ledger, into a common tongue for the Watch.

Detection engineering fundamentals

Dept of Silent Stability detection philosophy

Activate Managed Expectations