2024-06-08, 10:00–10:45, Track 1 (UC Conference Rm A)
This presentation is for security practitioners who are interested in learning about the fundamentals of Detection-as-Code and how to build a CI/CD pipeline to automate the management of detection rules in security tools.
Core concepts and benefits of Detection-as-Code will be covered before walking through the process of building and implementing a CI/CD pipeline. A practical threat detection use case will be used throughout the presentation, and the pipeline will then be tested end-to-end.
David French is a Detection & Response Engineer and Threat Hunter with many years of experience both as a defensive cybersecurity practitioner and on the vendor side, doing threat research and building security solutions. He currently works at Google Cloud, where he helps security practitioners defend their organization from attack using Chronicle Security Operations.
He likes to pay it forward by sharing knowledge and research with the community via blogging, presenting at conferences such as Black Hat and BSides, and contributing to MITRE ATT&CK. David is the creator of Dorothy, a tool to simulate attacker behavior in Okta environments.