The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
תוכן מסופק על ידי Anton Chuvakin. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Anton Chuvakin או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לCloud Security Podcast by Google
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
1
The Ticket: Discover the Future of Customer Service, Support, and Experience, with Intercom
Intercom
1k
480
On The Ticket, you'll hear Intercom's Customer Support team in conversation with the customer service leaders, renowned customer experience thinkers, and influential authors who are shaping the field of customer support. Follow The Ticket to get the weekly episodes and sign up for our twice-monthly newsletter bursting with all the insights, trends, tips, and assets your team needs to embrace the future of customer service. https://www.intercom.com/blog/newsletter 🏠 www.intercom.com
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
1k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise
Manage episode 490355646 series 2892548
תוכן מסופק על ידי Anton Chuvakin. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Anton Chuvakin או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Guest:
- David French, Staff Adoption Engineer, Google Cloud
Topic:
- Detection as code is one of those meme phrases I hear a lot, but I'm not sure everyone means the same thing when they say it. Could you tell us what you mean by it, and what upside it has for organizations in your model of it?
- What gets better for security teams and security outcomes when you start managing in a DAC world? What is primary, actual code or using SWE-style process for detection work?
- Not every SIEM has a good set of APIs for this, right? What's a team to do in a world of no or low API support for this model?
- If we're talking about as-code models, one of the important parts of regular software development is testing. How should teams think about testing their detection corpus? Where do we even start? Smoke tests? Unit tests?
- You talk about a rule schema–you might also think of it in code terms as a standard interface on the detection objects–how should organizations think about standardizing this, and why should they?
- If we're into a world of detection rules as code and detections as code, can we also think about alert handling via code? This is like SOAR but with more of a software engineering approach, right?
- One more thing that stood out to me in your presentation was the call for sharing detection content. Is this between vendors, vendors and end users?
Resources:
- Can We Have "Detection as Code"?
- Testing in Detection Engineering (Part 8)
- "So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love" book
- EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
- EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
- EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
- Getting Started with Detection-as-Code and Google SecOps
- Detection Engineering Demystified: Building Custom Detections for GitHub Enterprise
- From soup to nuts: Building a Detection-as-Code pipeline
- David French - Medium Blog
- Detection Engineering Maturity Matrix
252 פרקים
שתפו
Manage episode 490355646 series 2892548
תוכן מסופק על ידי Anton Chuvakin. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Anton Chuvakin או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Guest:
- David French, Staff Adoption Engineer, Google Cloud
Topic:
- Detection as code is one of those meme phrases I hear a lot, but I'm not sure everyone means the same thing when they say it. Could you tell us what you mean by it, and what upside it has for organizations in your model of it?
- What gets better for security teams and security outcomes when you start managing in a DAC world? What is primary, actual code or using SWE-style process for detection work?
- Not every SIEM has a good set of APIs for this, right? What's a team to do in a world of no or low API support for this model?
- If we're talking about as-code models, one of the important parts of regular software development is testing. How should teams think about testing their detection corpus? Where do we even start? Smoke tests? Unit tests?
- You talk about a rule schema–you might also think of it in code terms as a standard interface on the detection objects–how should organizations think about standardizing this, and why should they?
- If we're into a world of detection rules as code and detections as code, can we also think about alert handling via code? This is like SOAR but with more of a software engineering approach, right?
- One more thing that stood out to me in your presentation was the call for sharing detection content. Is this between vendors, vendors and end users?
Resources:
- Can We Have "Detection as Code"?
- Testing in Detection Engineering (Part 8)
- "So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love" book
- EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
- EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
- EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
- Getting Started with Detection-as-Code and Google SecOps
- Detection Engineering Demystified: Building Custom Detections for GitHub Enterprise
- From soup to nuts: Building a Detection-as-Code pipeline
- David French - Medium Blog
- Detection Engineering Maturity Matrix
252 פרקים
כל הפרקים
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לCloud Security Podcast by Google
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
1
The Ticket: Discover the Future of Customer Service, Support, and Experience, with Intercom
Intercom
1k480
On The Ticket, you'll hear Intercom's Customer Support team in conversation with the customer service leaders, renowned customer experience thinkers, and influential authors who are shaping the field of customer support. Follow The Ticket to get the weekly episodes and sign up for our twice-monthly newsletter bursting with all the insights, trends, tips, and assets your team needs to embrace the future of customer service. https://www.intercom.com/blog/newsletter 🏠 www.intercom.com
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
1k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
