[SANS Institute and Anvilogic Present] The 2025 State of Detection Engineering Report
Join the waitlist
Skip to main content
Cloud Security Detections: Practical Insights from Attack Emulations

#22 Cloud Security Detections: Practical Insights from Attack Emulations

May 23, 2024

Get the Giveaway

Detection engineering faces significant challenges in validating the efficacy of detection logic, particularly in accurately identifying attacker tactics, techniques, and procedures (TTPs). How do you know if your detection logic accurately detects attacker TTPs?

Traditional methods utilizing static event logs provide a foundational testing framework but often leaves a lot of uncertainty. This session will highlight some cloud security insights derived from actual cloud attack emulations.

Kennedy Torkura, Cloud Security Detection Engineer & Co-Founder and CTO of Mitigant, will share pivotal detection-building experiences with cloud security use cases. By demonstrating tested detection strategies through real-world attack scenarios, this discussion aims to equip DEs with enhanced methodologies for ensuring the reliability and accuracy of their detection systems.

Join us live on Detection Engineering Dispatch to gain first-hand knowledge on advancing your detection capabilities.

Episode Host Headshot
Kennedy Torkura
Co-Founder & CTO, Mitigant
Episode Host Headshot
Alex Hurtado
Detection Dispatch Host, Anvilogic

Additional Resources

Launch the Snowflake Lab
Anvilogic for Snowflake
How Detection Content Combat Threats in the SOC
Podcast

More Episodes

Top 10 KQL Queries Every DE Should Know

December 12, 2024

#39 Top 10 KQL Queries Every DE Should Know

In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024.

Watch Now and Get the Giveaway
Typo Trouble: How LLMs Can Outsmart TYPOSQUATTING Attacks

December 5, 2024

#38 Typo Trouble: How LLMs Can Outsmart TYPOSQUATTING Attacks

In this episode, we chat with the brilliant Mike Hart, a data scientist with a mission: to outsmart the sneaky world of typosquatting attacks. Just in time for the holiday shopping frenzy, we explore how his open-source project leverages LLMs to safeguard users from clicking on malicious look-alike links.

Watch Now and Get the Giveaway
Maturing SecOps with Detection-as-Code

November 21, 2024

#37 Maturing SecOps with Detection-as-Code

Ever feel like detection rule management is stuck in the Stone Age? This episode with Wade Wells a DE powerhouse trailblazing DaC in the industry is all about leveling up with Detection-as-Code—a game-changing way to manage threat detection that ditches the manual grind. We’ll break down how using code and automation can bring collab, speed, and structure to your detection engineering game.

Watch Now and Get the Giveaway