
Crying Out Cloud
Cloud Detection Engineering, AI in the SOC and Parallel Parking with Alex Hurtado
Nov 14, 2025
Alex Hurtado, a detection engineering leader and researcher, shares her insights on cloud security and threat hunting. She discusses how detection engineering has evolved, emphasizing the superiority of DIY detections over vendor defaults. Alex explores the transformative role of AI in threat hunting, while advocating for the crucial human element in adapting AI responses. She highlights challenges like identity sprawl and encourages community collaboration to enhance detection practices. With personal anecdotes on parallel parking and trekking, Alex adds a humorous touch to her expertise.
AI Snips
Parallel Parking Still A Mystery
- Alex admits she never mastered parallel parking and often asks passengers to get out and park for her.
- She jokes she still can't figure out how she passed driving school at 16.
Cloud Breaks Classic Detection Assumptions
- Cloud removes traditional detection assumptions like static perimeters and predictable logs, forcing behavior-driven detection.
- Identity sprawl, temporary resources, and provider-specific telemetry make timing and correlation essential.
Learn Cloud Nuances Through Docs And Community
- Use cloud provider docs and community resources to learn telemetry and nuances across clouds.
- Treat cloud certs as practical learning to understand provider-specific schemas and APIs.
