iPurpleTeam, has developed the following framework considering various components that are required to safeguard that rules will be developed in an threat aligned and reliable manner.
- Rule Objective
- Source
- Categorization
- Detection Strategy
- Rule Development
- Priority
- Validation
- Deficiencies
- Deployment
- Maintenance & Improvement
- Confidence Level
- Response
- Resources