August 8, 2022
EP78 Classic SOC Meets Cloud: What Changes? What Stays the Same?
- How do we get a legacy SOC team to think about the cloud?
- How to think about cloud threat detection, in general? What is different … threats, the environment, what else? What is the same?
- How do we know which TTPs are relevant for the new environments? What to bring with us to the cloud?
- Do content/rules and detection engines need to be different to cover the cloud detection use cases?
- What cases are appropriate for machine learning (ML) in the cloud? Do cloud threats drive the need for new ML detections?