Mike Hart returns to walk through URL Guardian, our new LLM for malicious URL detection. Now live on HuggingFace, it’s built to spot suspicious patterns and reduce false positives—without the regex headaches.

Check out the Hugging Face here: https://huggingface.co/Anvilogic/URLGuardian

Stay in the loop! Connect with us:

• Join Dispatch Community: https://www.anvilogic.com/workshop
• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

Alex sits down with Kevin Gonzalez to pull back the curtain on User and Entity Behavior Analytics (UEBA), and expose the gap between its promises and real-world pitfalls.

Hear his stories from the trenches of deploying UEBA multiple times at different organizations, and his blueprint for how teams should align UEBA with real attacker behaviors.

Read his blog about his experience: https://www.anvilogic.com/learn/bg-ue...

If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

Our last drop for International Women's Month featuring Sydney Marrone—Principal Threat Hunter at Splunk and co-author of PEAK Threat Hunting—to explore how ML-driven techniques are transforming detection strategies.

Tune in to hear Sydney and Alex break down real-world applications of advanced analytics to surface threats hidden in HTTP datasets. 

Check out the HEARTH community on their github here: https://github.com/THORCollective/HEARTH

If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

This International Women’s Month, we’re celebrating leaders and supporters driving the future of threat hunting and detection engineering. Next up in our series is Edna Jonsson, a cybersecurity engineer and forever student of the trade, introducing DECEIVE—Splunk’s new DECeption with Evaluative Integrated Validation Engine.

DECEIVE brings AI-powered honeypots directly into the hands of security teams, opening new possibilities for proactive threat intelligence and modern detection strategies.

If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

Tune in with us for a discussion on HEARTH—a community-driven threat hunting GitHub repository that you’re going to want to fork as well as the importance of community intel-sharing.

This episode is about community, innovation, and the women leading the way in threat hunting. Happy International Womens Month! 

Check out the HEARTH community on their github here: https://github.com/THORCollective/HEARTH

If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

In this episode, host Alex Hurtado welcomes back Andrew VanVleet, who breaks down a comprehensive approach to technique analysis using Detection Data Models (DDMs). Andrew walks through a 10-step process for analyzing Kerberoasting (T1558.003), identifying four distinct attack procedures and their detection strategies. Learn how to map telemetry to detection opportunities, recognize security blind spots, and develop multi-layered strategies that make successful attacks nearly impossible. 

Grab your notebook for this workshop-style episode that transforms complex threat modeling into actionable defense strategies that will leave attackers rolling the dice against increasingly unfavorable odds.

Join our live conversation bi-weekly on Thursdays! You only have to register once:
➡️ Register Here

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

In this episode of Detection Dispatch, host Alex Hurtado welcomes Jimmel Peters (JP), a seasoned cyber threat detection engineer from a major media company, to unpack the million-dollar question: why are so many security teams still scratching their heads over detection engineering, even though everyone's talking about it? JP breaks it down for us, walking through how the field has evolved from a "nice-to-have" into an absolute necessity. He shares his take on why behavioral analysis is the new hotness in detection strategies. Plus, get the scoop on AI's impact, dealing with those pesky false positives, and why you really (really!) need to test your detection rules before pushing them live. If you're looking to level up your detection game, this conversation is packed with practical wisdom you won't want to miss.

Join our live conversation bi-weekly on Thursdays! You only have to register once:
➡️ Register Here

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

In this episode of Detection Dispatch, host Alex Hurtado welcomes Lee Archinal from Intel 471 to dive deep into 12 significant emerging threats observed in late 2024. From Dark Casino's financial sector targeting to the devastating healthcare attacks by Phobos ransomware, discover the latest threat actor behaviors and practical detection strategies. Learn how to leverage Intel 471's hunting packages across major EDR platforms and understand the critical intersection between threat hunting and detection engineering. 

Whether you're dealing with novel SEO poisoning techniques or familiar Living-off-the-Land (LOL) binaries, this episode provides actionable intelligence and detection logic you can implement today.

Get the comprehensive PDF guide with detailed hunting packages here: https://hubs.ly/Q0344ZZ00

Join our live conversation bi-weekly on Thursdays! You only have to register once:
➡️ Register Here

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

In this episode, host Alex Hurtado welcomes Zack Allen, the creator of Detection Engineering Weekly and Sr. Director of Security Detection & Research, to explore the traits of high-performing detection engineers. Discover why having "T-shaped" skills (deep knowledge in one area while maintaining broader understanding across domains) trumps being a pure specialist, and learn how psychological safety and blameless culture drive team success. Zack shares insights on emerging trends like Detection-as-Code (DaC) and AI integration and reveals why cross-team collaboration is crucial for effective threat modeling. 

Whether you're building a detection engineering team or looking to level up your skills, this episode offers practical wisdom from years of security leadership experience.

Join our live conversation bi-weekly on Thursdays! You only have to register once:
➡️ Register Here

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024.

From detecting DLL hijacking and MFA fatigue to uncovering anonymous file access in OneDrive and SharePoint, we’ll walk through each query and the data feeds/sources required for detection and discuss their practical uses. Whether you’re new to KQL or an experienced user, these queries are designed to elevate your detection capabilities.

Join our live conversation bi-weekly on Thursdays! You only have to register once:
➡️ Register Here

Stay in the loop! Connect with us on social:

• Website: https://www.anvilogic.com/
• LinkedIn: https://www.linkedin.com/company/anvilogic 
• YouTube: https://www.youtube.com/@Anvilogic 

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.

About Detection Engineering Dispatch
Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what it takes to build a great detection engineering program. Join your peers to share knowledge, deep dive into technical best practices, and engage in discussions relevant to the detection engineering community.