Snowflake’s Haider Dost and Daniel Wyleczuk-Stern: What You Need To Start Building a Scalable Detection Program
If you were building a detection program today, what would be your top resources to start with?
As we head into a cloud-based future, the ability to handle growing data sets becomes crucial. Teams need processes in place that cover the entire detection lifecycle, and they need to develop the skills necessary to build, grow and improve a successful detection program.
In today's episode, we had an insightful conversation with Snowflake’s Global Threat Intelligence and Detection Engineering Leader, Haider Dost, and Senior Security Engineer, Daniel Wyleczuk-Stern, where we discovered why data, and being able to query that data, is a critical first step.
Topics discussed in this episode:
- Haider's and Daniel's background in security.
- The precursors and skills necessary to become an engineer.
- A high-level approach to building strong detection teams.
- The importance of collecting and correlating log sources for a proper incident response.
- How to be proactive when building your detection baseline.
- What a detection lifecycle process is and why every team should have one.
- What the biggest challenges of building a detection program are.
- Why it’s critical that responders or analysts have a sense of ownership of the detections that are being built.
- How security teams at Fortune 500 and Silicon Valley companies differ from each other.