Organizations deploy multiple security monitoring tools to detect threats, but they often overlook the most important part of the threat detection process: Content. This session describes what is the role of detection content in security monitoring and exposes the need for structured processes to identify, develop and maintain this content. Attendees will learn the characteristics of the Detection Development Life Cycle and understand how to use it to optimize their threat detection practices.