Season 1 · Episode 27

The Mysteries of Detection Engineering: Revealed!

Cloud Security Podcast by Google · Anton Chuvakin

August 16, 202130m 9s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Guest:

Keith McCammon, Co-founder and Chief Security Officer, Red Canary

Topics:

What is Detection Engineering? How it differs from just building rules/analytics?
How to convert threat intelligence into detections?
How to tell good detections from bad? And perhaps also good from great?
How to test detections in the real world?
Anything special about building detections for cloud environments?
What do you think is the role of "rule-less" (such as ML) detections? Is "ML unicorn cavalry" coming?

Resources:

The Red Canary Blog
2021 Threat Detection Report
Alerting and Detection Strategy Framework
Atomic Red Team toolset

← All episodes of Cloud Security Podcast by Google