EP149 Canned Detections: From Educational Samples to Production-Ready Code - podcast episode cover

EP149 Canned Detections: From Educational Samples to Production-Ready Code

Cloud Security Podcast by Google
Nov 20, 202329 minSeason 1Ep. 149
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Guests:

  • John Stoner, Principal Security Strategist, Google Cloud Security

  • Dave Herrald, Head of Adopt Engineering, Google Cloud Security

Topics:

  • In your experience, past and present, what would make clients trust vendor detection content?

  • Regarding “canned”, default or “out-of-the-box” detections, how to make them more production quality and not merely educational samples to learn from?

  • What is more important, seeing the detection or being able to change it, or both?

  • If this is about seeing the detection code/content, what about ML and algorithms?

  • What about the SOC analysts who don't read the code?

  • What about “tuning” - is tuning detections a bad word now in 2023?

  • Everybody is obsessed about “false positives,” what about the false negatives? How are we supposed to eliminate them if we don’t see detection logic?

Resources:

 

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
EP149 Canned Detections: From Educational Samples to Production-Ready Code | Cloud Security Podcast by Google - Listen or read transcript on Metacast