The Detection at Scale Podcast is dedicated to helping security practitioners and their teams succeed at managing and responding to threats at a modern, cloud scale. Every episode is focused on actionable takeaways to help you get ahead of the curve and prepare for the trends and technologies shaping the future.
Episodes
Tuesday Feb 27, 2024
On this week's episode of the Detection at Scale podcast, Jack talks with Justin Anderson, Security Engineering Manager, Detection & Response at Meta. They discuss how Meta has built its detection engineering program, how it treats detection-as-code like software, and how it gauges risk by assessing the TTPs applicable to the environment. They also talk about where AI is able to help out in development, the greater need for engineering and investigation skills, and three things to remember when building a security program.
Topics discussed:
- How Meta gauges risk by assessing the TTPs applicable to the environment and measuring coverage across those TTPs.
- How they built out their detection platform on custom infrastructure and treat detection-as-code like software.
- Why they take a shift-left approach to detection, starting with TTP hypotheses and then eliminating as much noise as possible.
- How taking a page from the vulnerability management playbook helps reduce noise around detections.
- AI’s current limitations in detection and response, and how it nonetheless helps with writing code and speeding up development times.
- Why there's a greater need for stronger engineering and investigation skills, in addition to coding skills.
- Advice to security professionals to focus on understanding, identifying, and executing when building out their program.