Cloud Security Podcast by Google

EP39 From False Positives to Karl Popper: Rationalizing Cloud Threat Detection

31 min • October 18, 2021

Guest:

  • Jared Atkinson, Adversary Detection Technical Director at SpecterOps

Topics:

  • What are bad/good/great detections? Is this all about Bianco's pyramid? Is high good and low bad?
  • How should we judge the quality of detections? Can there be a quality framework? Is that judgment going to be site specific?
  • What should we do to build more good detections? Is this all about reducing false positives?
  • Can we really measure false negatives? How can we approach this?
  • How can we test for detection goodness in the real world? What are the methods that work? It can’t be just about paper ATT&CK coverage, right?
  • What are your top 3 tips for improving the detection practice at an organization?

Resources:
