Guest:

• Julien Vehent, Security Engineering Manager in the Detection and Response team @ Google

Topics:

• What is special about detecting modern threats in modern environments?
• How does the Google team turn the knowledge of threats into detection logic?
• Run through an example of creating a detection for a new threat?
• How do we test our detection rules?
• We use the same people to write detections and to respond to resulting alerts, how is it working?
• What are the key skills of good security analysts to build cloud threat detection?

Resources:

• "Site Reliability Engineering" book (free)
• "Building Secure & Reliable Systems" book (free)
• "Securing DevOps" by our very guest Julien Vehent