EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
Cloud Security Podcast by Google
English - May 29, 2023 14:11 - 39 minutes - 54.2 MB
Guest:
Jack Naglieri, Founder and CEO at Panther
Topics:
What is good detection, defined at micro-level for a rule or a piece of detection content?
What is good detection, defined at macro-level for a program at a company?
How to reliably produce good detection content at scale?
What is a detection content lifecycle that reliably produces good detections at scale?
What is the purpose of a SIEM today?
Where do you stand in the classic debate over vendor-written vs. customer-created detection content?
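The first and fourth topics above (what makes a single rule "good", and a lifecycle that keeps it good) are easiest to see with a concrete detection-as-code rule and the tests that ship with it. The block below is an added example written for this page; it is not code from the podcast, from Panther, or from any vendor's rule format. It uses a generic Python rule shape (a `rule(event)` predicate plus `title` and `dedup` helpers, a convention many Python-based rule engines follow, but treat the exact function names as an assumption). The CloudTrail-like events are constructed test data, not real log records.

```python
"""Added example: a narrow console-login detection plus its regression tests.

Not the podcast's or Panther's code. Event shape is modeled on a CloudTrail
ConsoleLogin record but every record here is constructed for the tests.
"""
from __future__ import annotations

from typing import Any

Event = dict[str, Any]


def _get(event: Event, *path: str, default: Any = None) -> Any:
    """Walk nested keys safely; a missing key returns `default` instead of raising."""
    cur: Any = event
    for key in path:
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def rule(event: Event) -> bool:
    """Fire on a successful console login by an IAM user that did not use MFA.

    Deliberately narrow: failed logins are noise for this purpose, and root or
    federated sessions are scoped to other rules so this one stays precise.
    A record with no MFA field at all is treated as "no MFA" (fail closed).
    """
    if event.get("eventName") != "ConsoleLogin":
        return False
    if _get(event, "userIdentity", "type") != "IAMUser":
        return False
    if _get(event, "responseElements", "ConsoleLogin") != "Success":
        return False
    return _get(event, "additionalEventData", "MFAUsed") != "Yes"


def title(event: Event) -> str:
    """Alert title that names the principal and source so triage can start from it."""
    user = _get(event, "userIdentity", "userName", default="<unknown>")
    ip = event.get("sourceIPAddress", "<unknown>")
    return f"Console login without MFA by IAM user {user} from {ip}"


def dedup(event: Event) -> str:
    """Group repeated logins by the same user into one alert instead of a flood."""
    return _get(event, "userIdentity", "userName", default="<unknown>")


def _login(user_type: str = "IAMUser", result: str = "Success", mfa: str | None = "No",
           name: str = "alice", ip: str = "203.0.113.7") -> Event:
    """Build a constructed ConsoleLogin-style record (not a real CloudTrail event)."""
    ev: Event = {
        "eventName": "ConsoleLogin",
        "userIdentity": {"type": user_type, "userName": name},
        "responseElements": {"ConsoleLogin": result},
        "sourceIPAddress": ip,
    }
    if mfa is not None:
        ev["additionalEventData"] = {"MFAUsed": mfa}
    return ev


# (name, event, expected rule() result). True positives and the known
# false positives this rule must stay quiet on live together with the rule.
TEST_CASES: list[tuple[str, Event, bool]] = [
    ("iam user login without mfa fires", _login(), True),
    ("iam user login with mfa is quiet", _login(mfa="Yes"), False),
    ("failed login without mfa is quiet", _login(result="Failure"), False),
    ("root login is out of scope here", _login(user_type="Root", name="root"), False),
    ("record with no mfa field fails closed", _login(mfa=None), True),
    ("unrelated api call is quiet",
     {"eventName": "DescribeInstances", "userIdentity": {"type": "IAMUser"}}, False),
]


def run_tests(cases: list[tuple[str, Event, bool]] = TEST_CASES) -> list[str]:
    """Return the names of cases whose outcome differs from the expectation (empty = pass)."""
    return [name for name, ev, expected in cases if rule(ev) is not expected]


if __name__ == "__main__":
    failures = run_tests()
    print("all cases pass" if not failures else f"failing: {failures}")
    print(title(_login()), "| dedup key:", dedup(_login()))
```

The point of keeping `TEST_CASES` next to the rule is the lifecycle one: when a tuning change is made later (say, excluding a break-glass user), the existing true-positive and false-positive cases are the regression suite, and a change that silently widens or mutes the rule fails in review rather than in production.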
Resources:
“Why Is Threat Detection Hard” blog
“Think Like a Detection Engineer, Pt. 2: Rule Writing” blog
“Detection as Code? No, Detection as COOKING!” blog
Open Cybersecurity Schema Framework (OCSF)