Simply Defensive

In this episode of Simply Defensive, host Josh Mason talks with co-host Wade Wells about the concept of 'detection as code,' a methodology in cybersecurity focusing on automating and enhancing detection logic using software development principles. Wade shares his experiences and upcoming engagements, including his talk at Blue Team Con in Chicago. The duo delves into the intricacies of detection engineering, highlighting the similarities with DevOps practices and the importance of proper tuning and testing. They discuss the challenges and benefits of employing detection as code, its future potential, and the role of cybersecurity tools like Splunk, CrowdStrike, and Google Chronicle. The episode also touches on how detection engineering could impact red teaming and the importance of understanding the client's environment to create effective detections.