On this week's episode of the Detection at Scale podcast, Jack talks with Drew Gatchell, Director, Detection Engineering at AppOmni. They discuss how to overcome the challenges to detection on SaaS platforms and how they're building strategies upon alerting and detection frameworks. They also talk about how generative AI can help with normalizing inputs, the benefits of data lakes for D&R, and why it's key to have a measurable plan for detection.

Topics discussed:

How AppOmni is tackling the challenges of detection in SaaS platforms and auto-logs, especially when it comes to varied latency.

What frameworks Drew is working with and how he's building upon them for better detection.

How signal creation starts with a hypothesis that can be turned into a plan, and why it's important to include signal redundancy.

What techniques AppOmni uses to address security in real time.

How they're using AI to normalize their inputs and create additional content on top of the detection rules.

The benefits of data lakes and how they're a tremendous asset to D&R.

Advice for security leaders on having a measurable plan for detection, why detection should be layered, and the need to continuously validate your capabilities.

The podcast and the associated cover image on this page belong to Panther Labs. The content of the podcast is created by Panther Labs and not by, or together with, Poddtoppen.