In this episode, Jack speaks with David Seidman, Head of Detection and Response at Robinhood. David has worked for large tech companies like Google, Microsoft, and Salesforce in a variety of D&R roles. 

During this episode, David shares his tactical advice on how his team is building the pipes and engines of security at Robinhood, his top tools to improve fidelity of detections, and what he’s learned in his career that’s made him a better practitioner and leader. 

Topics discussed: 

The ‘unusual strategies’ and hypothesis on the kill chain model David has not shared before publicly 

His top five tools to use to improve the fidelity of your detections 

How David has seen composite detection be effective in practice and why it is most effective when it’s analyst driven 

His experience working on Google Cloud's Event Threat Detection 

What a mature IR process look like today and how to train staff that’s run IR in the past

A big challenge and growth area in the industry that doesn’t get enough attention 

The new frontier of what the detection and response stack will look like in the future

David’s keys to an effective IR program, such as regular exercises, communications plan, having access and permissions to data, strong controls, and more.  

The three actionable takeaways David learned from his roles at Google, Microsoft, Salesforce, and now Robinhood that make him a better practitioner and leader today

Podden och tillhörande omslagsbild på den här sidan tillhör Panther Labs. Innehållet i podden är skapat av Panther Labs och inte av, eller tillsammans med, Poddtoppen.