view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
Guest:
Topics:
- What is Detection Engineering? How it differs from just building rules/analytics?
- How to convert threat intelligence into detections?
- How to tell good detections from bad? And perhaps also good from great?
- How to test detections in the real world?
- Anything special about building detections for cloud environments?
- What do you think is the role of “rule-less” (such as ML) detections? Is “ML unicorn cavalry” coming?
Resources:
