Rick Correa

Rick Correa, Uber TL for Google SecOps and expert in detection engineering, shares his journey of scaling curated detections from a mere 70 to over 4,700 rules. He discusses the pivotal lessons learned and the importance of user-friendly interfaces to alleviate customer friction. The conversation dives into the distinction between 'Detection-as-Code' and advanced software engineering practices, emphasizing the need for unit testing and performance reviews. Correa introduces the 'Goldilocks Zone' for detections and provides practical examples of building blocks for enhancing security against threats like VPN and Tor traffic.