EP110 Detection and Response in a High Velocity and High Complexity Environment

Cloud Security Podcast by Google - A podcast by Anton Chuvakin - Mondays

Categories:

Guest:  David Seidman, Head of Detection and Response @ Robinhood Toipics: Tell us about joining Robinhood and prioritizing focus areas for detection in your environment? Tim and Anton argue a lot about what kind of detection is best - fully bespoke and homemade, or scalable off-the-shelf. First, does our framework here make sense, and second, looking at your suite of detection capabilities, how have you chosen to prioritize detection development and detection triage? You're operating in AWS: there are a lot of vendors doing detection in AWS, including AWS themselves. How have you thought about choosing your detection approaches and data sources? Finding people with as much cloud expertise as you can't be easy: how are you structuring your organization to succeed despite cloud detection and response talent being hard to find? What matters more: detection skills or cloud skills? What has been effective in ramping up your D&R team in the cloud? What are your favorite data sources for detection in the cloud? Resources: “Detection as Code? No, Detection as COOKING!” “On Threat Detection Uncertainty” “Radical Candor” by Kim Scott “Daring Greatly” by Brene Brown “Extreme Ownership” by Jocko Willink “Drive” by Daniel Pink