EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
Episode description
Guest:
- Zack Allen, Senior Director of Detection & Research @ Datadog, creator of Detection Engineering Weekly
Topics:
- What are the biggest challenges facing detection engineers today?
- What do you tell people who want to consume detections and not engineer them?
- What advice would you give to someone who is interested in becoming a detection engineer at her organization?
- So, what IS a detection engineer? Do you need software skills to be one? How much breadth and depth do you need?
- What should a SOC leader whose team totally lacks such skills do?
- You created Detection Engineering Weekly. What motivated you to start this publication, and what are your goals for it? What are the learnings so far?
- You work for a vendor, so how should customers think of vendor-made vs customer-made detections and their balance?
- What goes into a backlog for detections and how do you inform it?
Resources:
- Zack’s newsletter: https://detectionengineering.net
- EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
- “Detection Spectrum” blog
- “Delivering Security at Scale: From Artisanal to Industrial” blog (and this too)
- “Detection Engineering is Painful — and It Shouldn’t Be (Part 1)” blog series