Evidence-Based Security

Discover how to elevate your security practice and posture with actionable data at the core.

Are you tired of feeling like you’re constantly playing catch-up in the cybersecurity arms race? It’s time to level the playing field with an evidence-based approach to security. And we’ve got just the thing to help you get started.


This new O’Reilly guide—Evidence-Based Security—comprehensively shows security professionals a practical framework for making data-informed decisions about their people, technology, and processes. By using a scientific lens to assess your security program, you can unify stakeholders, increase visibility, and decrease risk and uncertainty.

You’ll learn all about how to:

  • Map threats to TTPs
  • Develop metrics that matter for your organization and industry
  • Simulate attacks in real time to emulate potential attacker activity
  • Analyze results, remediate, and repeat

Plus, we’ll show you how to use the MITRE ATT&CK framework as a common language for threat modeling and detection engineering.

By submitting this form you indicate that you have read and agree to the terms of our Privacy Policy.