diff --git a/README.md b/README.md
index 05bce44..912c33f 100644
--- a/README.md
+++ b/README.md
@@ -276,6 +276,7 @@
 ### Data Science
 
 - [data_hacking](https://github.com/SuperCowPowers/data_hacking): Examples of using IPython, Pandas, and Scikit Learn to get the most out of your security data.
+- [Reverse engineering the analyst: building machine learning models for the SOC](https://www.mandiant.com/resources/blog/build-machine-learning-models-for-the-soc)
 
 ### Research Papers