EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
Guest: Zack Allen, Senior Director of Detection & Research @ Datadog, creator of Detection Engineering Weekly Topics: What are the biggest challenges facing detection engineers today? What do you tell people who want to consume detections and not engineer them? What advice would you give to someone who is interested in becoming a detection engineer at her organization? So, what IS a detection engineer? Do you need software skills to be one? How much breadth and depth do you need? What should a SOC leader whose team totally lacks such skills do? You created Detection Engineering Weekly. What motivated you to start this publication, and what are your goals for it? What are the learnings so far? You work for a vendor, so how should customers think of vendor-made vs customer-made detections and their balance? What goes into a backlog for detections and how do you inform it? Resources: Video (LinkedIn, YouTube) Zacks’s newsletter: https://detectionengineering.net EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity? The SRE book “Detection Spectrum” blog “Delivering Security at Scale: From Artisanal to Industrial” blog (and this too) “Detection Engineering is Painful — and It Shouldn’t Be (Part 1)” blog series “Detection as Code? No, Detection as COOKING!” blog “Practical Threat Detection Engineering: A hands-on guide to planning, developing, and validating detection capabilities” book SpecterOps blog