Megan Roddie is the author of Practical Threat Detection Engineering. We got the chance to sit down with her and find out more about her experience of writing with Packt.
Q: How did you become an author for Packt? Tell us about your journey. What was your motivation for writing this book?
Megan: Packt reached out directly to me with the topic idea and asked if I’d be interested in authoring the book. I was super intrigued by the idea of writing a comprehensive guide on detection engineering and at the time was working with two sharp colleagues who I knew would be great contributors for such a topic. Early on I realized the lack of books focused on this topic and so really felt we were filling a gap. This is a topic I’m passionate about, and the ability to share the knowledge widely in the cyber security community was an opportunity I couldn’t pass up.
Q: What is the name of your book?
Megan: Practical Threat Detection Engineering.
Q: What kind of research did you do, and how long did you spend researching before beginning the book?
Megan: To cover the full scope of detection engineering, it required in depth review of existing blog posts and open source projects to tie together the concepts that have been proposed with our own knowledge of the topic. We spent a lot of time developing the outline to ensure we’d touch on all the topics that would be required to truly educate the readers. Then for each chapter we’d start by reading as many articles as we could from industry experts to gain inspiration and decide on our approach for each topic.
Q: Do you have a blog that readers can follow?
Megan: Gary Katz blogs about detection engineering here: https://medium.com/@gary.j.katz
Megan Roddie blogs for many publications with much of the content found here: https://www.sans.org/profiles/megan-roddie/.
Q: What key takeaways do you want readers to come away with from the book?
Megan: We hope that after reading this book, readers will be able to take a concept for a detection and use a structured approach to turn that concept into a fully functional detection. Additionally, readers should be able to take the lessons learned in order to measure the performance of their detection engineering program and identify areas for improvement.
Q: Can you share any blogs, websites and forums to help readers gain a holistic view of the tech they are learning?
Megan: Detection Engineering Weekly provides the best round-up of blogs, social media posts, and other content published each week on the topic. You can subscribe to the newsletter here: https://www.detectionengineering.net/.
Q: Did you face any challenges during the writing process? How did you overcome them?
Megan: The biggest challenge was that, given this is a relatively new field, there are not a lot of concepts that have a solidified approach by all practitioners. There have been a lot of proposed methodologies and frameworks but nothing that is widely adopted. Because of this, there were many junctions at which we had to decide whether to carry forward with an existing idea even if it wasn’t universally accepted or to take the lack of a foundation and use it to establish our own approach.
Q: How would you describe your author journey with Packt? Would you recommend Packt to aspiring authors?
Megan: Packt provided the support necessary to become a first-time author. They were responsive to questions, clear with feedback, and ensured that our hard work was going to lead to a successful publication. I highly recommend working with Packt if you are considering writing a book in tech or security but want the support of a publisher behind you.
Q: Why should readers choose this book over others already on the market? How would you differentiate your book from its competition?
Megan: Right now there are not any books solely focused on detection engineering, putting it in a unique position in the market. When compared to blog posts or other content on the subject, this book has the advantage of providing hands-on exercises for the reader, including the creation of a detection engineering lab that readers can use to freely test the concepts they learn.
Q: What is/are your specialist tech area(s)?
Megan: Detection engineering, digital forensics and incident response, cloud security, threat intelligence.
Q: What advice would you give to readers jumping into this technology? Do you have any top tips?
Megan: First, there is content everywhere; take advantage of it. From blog posts, to conferences (many virtual), to YouTube, and more, there are so many ways to get FREE learning materials and be able to advance your knowledge in any topic area you choose. Second, network! Go to conferences or connect with people online. The connections you make are bound to pay off in the future, whether you are looking for a job or insight into an area of specialty.
Q: What’s your take on the technologies discussed in the book? Where do you see these technologies heading in the future?
Megan: Detection engineering is a relatively new but rapidly evolving area of focus in cyber security. We’re going to see widespread developments from various angles, as we talk about in the final chapter of the book. It’s likely that more organizations are going to begin dedicating resources focused on creating detections. Furthermore, the advancement of machine learning will likely have an impact on detection engineering workflows and how we detect threats.
Q: Do you belong to any tech community groups?
Megan: Gary Katz blogs about detection engineering here: https://medium.com/@gary.j.katz
Megan Roddie blogs for many publications with much of the content found here: https://www.sans.org/profiles/megan-roddie/.
Q: How did you organize, plan, and prioritize your work and write the book?
Megan: It definitely helped to have a team of authors rather than working alone. Going into a chapter we always made sure to understand what we had to do and when our deadlines were. We ensured that for each chapter, the person who was strongest in that subject took the lead. Besides that, it was a matter of hard work, perseverance, and focus, knowing that at the end of it we would have a published book to show for our effort.
Q: What are your favorite tech journals? How do you keep yourself up to date on tech?
Megan: I don’t really read any journals but find immense value in blog posts when it comes to cyber security. Both personal blogs from professionals as well as company blogs provide high quality content on a variety of subjects.
Q: Would you like to share your social handles? If so, mention them below.
Megan: Follow me on Twitter – https://twitter.com/megan_roddie.
Q: What is that one writing tip that you found most crucial and would like to share with aspiring authors?
Megan: Have fun with it! It can become stressful at times, but it’s truly a unique experience and something that not everyone gets to say they accomplished. Remember that you are doing this because you’re an expert, and so let your ideas flow onto the paper without stressing too much over the little things.