The Mysteries of Detection Engineering: Revealed!
Cloud Security Podcast by Google
English - August 16, 2021 17:15 - 30 minutes - 41.5 MB - ★★★★★ - 33 ratings
Guest:
Keith McCammon, Co-founder and Chief Security Officer, Red Canary

Topics:
What is Detection Engineering?
How it differs from just building rules/analytics?
How to convert threat intelligence into detections?
How to tell good detections from bad? And perhaps also good from great?
How to test detections in the real world?
Anything special about building detections for cloud environments?
What do you think is the role of “rule-less” (such as ML) detections? Is “ML unicorn cavalry” coming?

Resources:
The Red Canary Blog
2021 Threat Detection Report
Alerting and Detection Strategy Framework
Atomic Red Team toolset