Detection Engineering Dispatch is a live series of 30- to 45-minute episodes featuring hands-on experiences, open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program.
Join your peers to share knowledge, dive deep into technical best practices, and engage in discussions relevant to the detection engineering community.
Making Detection Engineering Matter Up the Chain
A Chloe Burton special on the very human side of detection engineering. From a nonlinear path into security (neuroscience, psychology, Splunk-era chaos) to leading a DE team today, Chloe and Alex break down why context beats checklists, why so many detections cluster in the middle of the MITRE ATT&CK framework, and how telemetry availability quietly shapes what we defend.
We dig into detection fundamentals that don’t get talked about enough: avoiding the myth of the perfect rule, resisting over-tuning, rotating across domains to prevent stagnation, and staying grounded while the sky always feels like it’s falling. Chloe also shares leadership unlearns—raising flags early, saying “no” with strategy, and creating teams that feel safe to fail forward.
We also discuss how to get leadership to give a f**ck and overall how to best escalate problems and gaps up the chain.
Finally, if macOS threat coverage is on your radar, we also call out Olivia Gallucci’s newsletter as a must-follow for macOS threat intelligence and research in a space that desperately needs more visibility.
📊 Shownotes call-outs: MITRE ATT&CK sunburst analysis
macOS Research & Newsletter: https://oliviagallucci.com/blog/#subscribe
Detection Engineering Dispatch features candid conversations with security teams at top companies on how they build, measure, and scale world-class detection programs.
Past Episodes & Resources
November 18, 2025
Alex and Dennis Chow explore alert fidelity, detection engineering maturity, and the architecture behind UKG’s multi-agent GCP pipeline. Learn when AI SOC automation works and when it only amplifies noise.
November 7, 2025
SOC analyst Spencer Pratt breaks down RAG, risk scoring, AI triage, and when to trust your alerts—or admit you're just automating chaos.

October 30, 2025
The F5 breach, M-Trends 2025 highlights, and the rise of infostealers. Alex and Scott Rodgers break down detection engineering best practices based on recent malware trends.
