EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
Cloud Security Podcast by Google
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
-
Zack Allen, Senior Director of Detection & Research @ Datadog, creator of Detection Engineering Weekly
Topics:
-
What are the biggest challenges facing detection engineers today?
-
What do you tell people who want to consume detections and not engineer them?
-
What advice would you give to someone who is interested in becoming a detection engineer at her organization?
-
So, what IS a detection engineer? Do you need software skills to be one? How much breadth and depth do you need?
-
What should a SOC leader whose team totally lacks such skills do?
-
You created Detection Engineering Weekly. What motivated you to start this publication, and what are your goals for it? What are the learnings so far?
-
You work for a vendor, so how should customers think of vendor-made vs customer-made detections and their balance?
-
What goes into a backlog for detections and how do you inform it?
Resources:
-
Zacks's newsletter: https://detectionengineering.net
-
EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
-
EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
-
"Detection Spectrum" blog
-
"Delivering Security at Scale: From Artisanal to Industrial" blog (and this too)
-
"Detection Engineering is Painful — and It Shouldn't Be (Part 1)" blog series