CRED’s Saksham Tushar on Data Enrichment for Effective Threat Detection

In this episode of Detection at Scale, Jack speaks with Saksham Tushar, Head of Security Operations & Threat Detection Engineering at CRED, about the challenges of compliance in a high-growth environment. Saksham shares their strategy for automating security processes and enriching data to enhance threat detection. 

He emphasizes the importance of verifying automated outcomes to ensure accuracy. Saksham also covers how CRED uses Python libraries for efficient incident response and the significance of contextual understanding in security incidents. With a focus on streamlining compliance and leveraging intelligence, Saksham provides valuable insights into building a robust security operations framework in a rapidly evolving landscape.

Topics discussed:

• How CRED distilled complex compliance requirements into a manageable set of common standards to streamline processes.
• The importance of correlating various log sources to create a comprehensive view of security incidents.
• How automation has transformed security processes, making them more efficient and effective.
• The use of threat intelligence and how it is centralized and automated to provide actionable insights for security teams.
• The development of internal Python libraries that facilitate quick data queries for incident investigations.
• The importance of understanding the context around security incidents to better inform responses and strategies.
• How using notebooks for investigations aids in communication and auditing, allowing for clear documentation of processes.
• How to organize a team to maintain agility while ensuring diverse skill sets are leveraged effectively.
• The necessity of verifying automated processes to ensure they yield accurate and actionable outcomes.

Resources Mentioned: 

• Saksham Tushar on LinkedIn
• CRED website