Detection-as-code: Why it works and where to start

Presented at BSidesSF 2022 Rescheduled, June 4, 2022, 11:35 a.m. (25 minutes).

Detection-as-code principles allow detection and response teams to operate with the efficiency of software engineering teams. By embracing these principles, D&R teams can unlock the benefits of version control, test-driven development, code reuse, and CI/CD automated workflows.

Presenters:

• Kyle Bailey - Panther Labs
  I am passionate about all things threat detection. I spent 5y managing operations for CYBERCOM, and the last 5 years doing detection and response in the tech industry, most recently building and managing the Detection Engineering & Red Team at Box. I currently break things at Panther Labs.

Links:

• https://bsidessf2022.sched.com/event/rjpV/detection-as-code-why-it-works-and-where-to-start

Similar Presentations:

• DerbyCon 9.0 Finish Line (2019) / I sim(ulate), therefore i catch: enhancing detection engineering with adversary simulation
• Black Hat USA 2019 / Every Security Team is a Software Team Now
• BSidesLV 2023 / Open Source GitOps for Detection Engineering