detection-engineering

4 items tagged

Blog Posts

Dec 9, 2024 • 5 min read

Detecting CVE-2024-32002 Git RCE

How to detect exploitation of CVE-2024-32002, a remote code execution vulnerability in Git that allows malicious repositories to execute code just by cloning.

detection-engineering cve git rce

May 20, 2024 • 3 min read

Detection-as-Code Reading List

A curated reading list on detection engineering best practices, tooling, and methodologies for building scalable security content.

detection-engineering detection-as-code reading-list

Curated Links

Feb 6, 2026 • detect.fyi

Move and Countermove: Game Theory Aspects of Detection Engineering

Detection as a strategic game between attackers and defenders. Explores Nash equilibria in security (tolerating false positives, moderate attack sophistication), why defenders must avoid predictability, and the case for broad coverage over targeted detections.

detection-engineering strategy

Feb 6, 2026 • detect.fyi

Adversarial Detection Engineering Framework: A Taxonomy for Detection Logic Bugs

Open-source taxonomy for classifying detection logic bugs — the errors that cause intended detections to fail. Categorizes bugs into reformatting, omitting alternatives, context manipulation, and event fragmentation. Practical checklists for proactive rule review.

detection-engineering framework