Decoding Detection As Code - A Deep Dive with Wade Wells | S1 E2: Simply Defensive

In this episode of Simply Defensive, host Josh Mason talks with co-host Wade Wells about the concept of 'detection as code,' a methodology in cybersecurity focusing on automating and enhancing detection logic using software development principles. Wade shares his experiences and upcoming engagements, including his talk at Blue Team Con in Chicago. The duo digs into the intricacies of detection engineering, highlighting the similarities with DevOps practices and the importance of proper tuning and testing. They discuss the challenges and benefits of employing detection as code, its future potential, and the role of cybersecurity tools like Splunk, CrowdStrike, and Google Chronicle. The episode also touches on how detection engineering could impact red teaming and the importance of understanding the client's environment to create effective detections. 00:00 Introduction to Simply Defensive 00:55 Wade's Upcoming Talk at Blue Team Con 02:17 Understanding Detection as Code 04:49 Detection Engineering in Practice 08:35 Challenges and Solutions in Detection Engineering 14:57 Career Path in Detection Engineering 21:45 Understanding Detection Engineering in Private Industry 22:22 Roles and Responsibilities of a Detection Engineer 23:34 Creating Effective Detections 25:58 Tools and Techniques for Detection Engineering 28:50 Challenges and Solutions in Detection Engineering 32:25 Future of Detection Engineering and Open Source Tools 34:16 Resources and Training for Detection Engineering 40:41 Conclusion and Final Thoughts ========================= Connect with your hosts: Josh Mason: https://www.linkedin.com/in/joshuacmason Wade Wells: https://www.linkedin.com/in/wadingthrulogs ========================= Simply Cyber empowers people who want a rewarding cybersecurity career 💪 ========================= ========================= All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials =========================