#202
December 9, 2024

EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering

Guest:

Topics: SIEM and SOC

Duration: 29:29


Topics covered:

  • What is your best advice on detection engineering for organizations that don't want to engineer anything in security?
  • What is the state of the art when it comes to SOCs? Who is doing well? What on Earth is a fusion center?
  • Why do classic "tiered SOCs" fall flat when dealing with modern threats?
  • Let's focus on a correct definition of detection as code. Can you provide yours?
  • Detection x response engineering: is there a thing called "response engineering"? Should there be?
  • What are your lessons learned from fusing intel, detections, and hunting ops?
  • What is this SIEMless yet SOARful detection architecture?
  • What's next with OpenTIDE 2.0?
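As an added illustration of what "detection as code" means in practice (not material from the episode, the hosts, or the OpenTIDE project): a detection is versioned code that ships with its own test events, and a deploy gate refuses any rule whose tests fail. The rule IDs, event fields, thresholds and sample events below are all constructed for this example and are not a real schema.

```python
"""Detection-as-code in miniature: each detection is versioned code that ships
with its own test events, and a deploy gate refuses rules whose tests fail.
Added illustration; not code from the episode, OpenTIDE, or any vendor."""
import json
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable

Event = dict
RuleLogic = Callable[[list[Event]], list[dict]]


def parse_jsonl(raw: str) -> list[Event]:
    """Parse newline-delimited JSON events; blank lines are skipped."""
    return [json.loads(line) for line in raw.splitlines() if line.strip()]


def brute_force_then_success(events: list[Event],
                             threshold: int = 3, window_s: int = 300) -> list[dict]:
    """Alert when a source IP has at least `threshold` failed SSH logins in the
    `window_s` seconds before a successful login from the same IP."""
    failures: dict[str, list[int]] = defaultdict(list)
    alerts: list[dict] = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e.get("event") != "ssh_login":
            continue
        ip = e["src_ip"]
        if e["result"] == "failure":
            failures[ip].append(e["ts"])
        elif e["result"] == "success":
            recent = [t for t in failures[ip] if e["ts"] - t <= window_s]
            if len(recent) >= threshold:
                alerts.append({"src_ip": ip, "user": e["user"],
                               "failures": len(recent), "ts": e["ts"]})
            failures[ip].clear()  # a success closes the sequence either way
    return alerts


def any_ssh_failure(events: list[Event]) -> list[dict]:
    """Deliberately noisy rule: fires on every failed login (will fail its test)."""
    return [{"src_ip": e["src_ip"], "ts": e["ts"]}
            for e in events if e.get("event") == "ssh_login" and e["result"] == "failure"]


@dataclass(frozen=True)
class Detection:
    rule_id: str        # hypothetical naming scheme, not OpenTIDE's
    title: str
    severity: str
    logic: RuleLogic
    tests: tuple        # (events, expected_alert_count) pairs kept with the rule


def validate(rule: Detection) -> bool:
    """Run the rule's embedded tests; a rule is deployable only if all pass."""
    return all(len(rule.logic(events)) == expected for events, expected in rule.tests)


def deploy_gate(rules: list[Detection]) -> list[Detection]:
    """The CI step: only rules whose tests pass reach the production rule set."""
    return [r for r in rules if validate(r)]


def run(raw_log: str, rules: list[Detection]) -> dict[str, list[dict]]:
    """Evaluate every deployable rule over a log and return alerts per rule."""
    events = parse_jsonl(raw_log)
    return {r.rule_id: r.logic(events) for r in deploy_gate(rules)}


# Constructed test events (not from any real system).
def _ssh(ts, result, ip, user="alice"):
    return {"ts": ts, "event": "ssh_login", "result": result, "src_ip": ip, "user": user}

POSITIVE = [_ssh(t, "failure", "203.0.113.5") for t in (1, 2, 3)] + [_ssh(4, "success", "203.0.113.5")]
TOO_FEW = [_ssh(1, "failure", "198.51.100.9"), _ssh(2, "success", "198.51.100.9")]
TOO_SLOW = [_ssh(t, "failure", "203.0.113.5") for t in (0, 100, 200)] + [_ssh(1000, "success", "203.0.113.5")]

RULES = [
    Detection("DET-0001", "SSH brute force followed by success", "high",
              brute_force_then_success, ((POSITIVE, 1), (TOO_FEW, 0), (TOO_SLOW, 0))),
    Detection("DET-0002", "Any SSH failure", "low",
              any_ssh_failure, ((TOO_FEW, 0),)),  # expects silence on one failure; fails
]

# Constructed sample log: one attack sequence, one benign typo-then-login.
SAMPLE_LOG = "\n".join(json.dumps(e) for e in POSITIVE + TOO_FEW)

if __name__ == "__main__":
    print([r.rule_id for r in deploy_gate(RULES)])  # ['DET-0001']
    print(run(SAMPLE_LOG, RULES))
```

The point of the pattern is that the test events live next to the rule and are run by the same pipeline that deploys it: a rule that is too noisy (DET-0002) never reaches production, and a change to the threshold or window of DET-0001 that breaks its positive or negative cases is caught before an analyst ever sees the alert.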
