Detection Engineering Dispatch is a live series of 30 to 45-minute episodes featuring hands-on experiences, open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program.
Join your peers to knowledge share, deep dive on technical best practices, and engage in discussions relevant to the detection engineering community.
Days Until The Next Live -Session
EP. 53 | Re-Drawing the UBA Line in the Snowflake Age
Join Snowflake’s Insider Threat team for a direct discussion on separating everyday behavioral drift from true malicious intent. We examine role changes, privilege creep, and off-hour access, showing how context—identity, project timelines, and data lineage—sharpens detection and reduces noise. The conversation ends with a clear-eyed look at the trade-off between missing an insider and overwhelming analysts with false alerts, offering practical guidance for any modern UBA program.
Join our community to stay up to date on all of the latest episode drops, and expect this one in your inbox on July 17th!
Past Episodes & Resources
June 19, 2025
Explore LLM security risks—from prompt injections to RAG leaks—and why classic appsec tactics matter more than ever in the GenAI era.
June 5, 2025
Agentic AI isn’t magic. In this episode, we unpack 5 hard truths security teams need to know before adding “agents” to their SOC workflows.
.jpg)
May 22, 2025
Johnathan Dempsey comes on Dispatch to talk about 5 different scenarios where you might be overengineering your detections.