February 27, 2023
EP110 Detection and Response in a High Velocity and High Complexity Environment
- Tell us about joining Robinhood and prioritizing focus areas for detection in your environment.
- Tim and Anton argue a lot about what kind of detection is best - fully bespoke and homemade, or scalable off-the-shelf. First, does our framework here make sense, and second, looking at your suite of detection capabilities, how have you chosen to prioritize detection development and detection triage?
- You're operating in AWS: there are a lot of vendors doing detection in AWS, including AWS themselves. How have you thought about choosing your detection approaches and data sources?
- Finding people with as much cloud expertise as you can't be easy: how are you structuring your organization to succeed despite cloud detection and response talent being hard to find? What matters more: detection skills or cloud skills?
- What has been effective in ramping up your D&R team in the cloud?
- What are your favorite telemetry data sources for detection in the cloud?