Cloud Security Podcast by Google

EP149 Canned Detections: From Educational Samples to Production-Ready Code

29 min • 20 November 2023

Guests:

  • John Stoner, Principal Security Strategist, Google Cloud Security

  • Dave Herrald, Head of Adopt Engineering, Google Cloud Security

Topics:

  • In your experience, past and present, what would make clients trust vendor detection content?

  • Regarding “canned”, default or “out-of-the-box” detections, how to make them more production quality and not merely educational samples to learn from?

  • What is more important, seeing the detection or being able to change it, or both?

  • If this is about seeing the detection code/content, what about ML and algorithms?

  • What about the SOC analysts who don't read the code?

  • What about “tuning” - is tuning detections a bad word now in 2023?

  • Everybody is obsessed about “false positives,” what about the false negatives? How are we supposed to eliminate them if we don’t see detection logic?

Resources:

 
