Detection Dispatch Episode 34: The Threat Hunting and Alerting Secret Sauce

In this episode of Detection Engineering Dispatch, host Alex Hurtado sits down with Brady Stouffer, a Principal Detection and Response Engineer at Expel, to uncover the secret sauce behind effective alert management. Learn how to strike the perfect balance between detection coverage and alert fatigue through risk-based alerting, strategic threat hunting, and the art of creating alerts that tell a story. Brady shares practical insights from years of implementation experience, demonstrating why good alerts need context and how threat hunting can uncover critical visibility gaps in your security operations.

Join our live conversation bi-weekly on Thursdays! You only have to register once.

Stay in the loop! Connect with us on social:
Website: https://www.anvilogic.com/
LinkedIn: https://www.linkedin.com/company/anvilogic
YouTube: https://www.youtube.com/@Anvilogic

Chapters
00:00 Introduction
02:01 Brady's career background
03:40 Risk-based alerting experience
05:54 Balancing alert volume with threat hunting
07:04 Developing threat hunting priorities
09:41 Challenges of MITRE coverage
12:53 Approach to threat hunting
15:41 Value beyond finding threats
17:46 AI's role in SecOps
19:22 What makes a good alert
22:06 Security community insights
23:31 Closing remarks