5 Signs You're Overengineering your Detection Logic

April 24, 2025

Mike Hart returns to walk through URL Guardian, our new LLM for malicious URL detection.

April 10, 2025

In this episode, Kevin Gonzalez will pull back the curtain on User and Entity Behavior Analytics (UEBA), and expose the gap between its promises and real-world pitfalls.

March 27, 2025

Threat hunting is evolving, and machine learning is pushing the boundaries of what's possible. Alex Hurtado hosts Sydney Marrone—Principal Threat Hunter at Splunk and co-author of PEAK Threat Hunting—to explore how ML-driven techniques are transforming detection strategies.

March 20, 2025

DECEIVE brings AI-powered honeypots directly into the hands of security teams, opening new possibilities for proactive threat intelligence and modern detection strategies.

March 13, 2025

Join Alex as she hosts Lauren Proehl (Director, Global Cyber Defense at a leading FSI & Founder of THOR Collective) for a discussion on HEARTH—a community-driven threat hunting GitHub repository that you’re going to want to fork as well as the importance of community intel-sharing.

February 27, 2025

In this episode, Andrew VanVleet walks us through detection modeling with a Detection Data Model (DDM). We'll map out an attack technique and build a thorough detection strategy using Kerberoasting (T1558.003) – cracking a password hash using Kerberos service tickets – as an example.

February 13, 2025

In this episode, we break down why Detection Engineering needs to shift from one-off alert building to a proactive, structured strategy.

January 30, 2025

In this episode, Alex sits down with Lee Archinal, an accomplished Threat Hunter, Researcher at Intel471, to share a must-have resource for detection engineers: the 12 Emerging Threats and Hunting Packages.

January 16, 2025

Ever wonder what sets the best detection engineers apart? In this episode, we hang out with Zach Techy Allen from Detection Engineering Weekly to break down the habits, hacks, and mindsets that make high performers actually stand out.

December 12, 2024

In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024.

December 5, 2024

In this episode, we chat with the brilliant Mike Hart, a data scientist with a mission: to outsmart the sneaky world of typosquatting attacks. Just in time for the holiday shopping frenzy, we explore how his open-source project leverages LLMs to safeguard users from clicking on malicious look-alike links.

November 21, 2024

Ever feel like detection rule management is stuck in the Stone Age? This episode with Wade Wells a DE powerhouse trailblazing DaC in the industry is all about leveling up with Detection-as-Code—a game-changing way to manage threat detection that ditches the manual grind. We’ll break down how using code and automation can bring collab, speed, and structure to your detection engineering game.

November 7, 2024

Join Detection Engineers Micah Funderburk and Alex Temaly as they break down their RBA success story in Sentinel—packed with insights, tips, and the best moves to help your SOC catch threats faster and smarter.

October 31, 2024

Join Alex and Chris Black, Senior Detection Engineer at NBC Universal, as they take you inside the dynamic world of detection engineering and explore why it just might be the coolest job you’ve never heard of–our parents for sure never have.

October 24, 2024

In this episode, Alex sits down with a seasoned cybersecurity expert from Expel Security to explore what makes a good alert and how to avoid drowning in a sea of irrelevant notifications.

October 17, 2024

In this episode, we dive into the evolving world of cybersecurity with Reanna Schultz and how the rise of security data lakes is reshaping the skills needed to succeed.

October 10, 2024

This discussion, featuring Darwin Salazar author of the Cybersecurity Pulse Newsletter, will dive into key considerations when operationalizing Cyber Threat Intelligence (CTI) for detection efforts, using reports like the latest Anvilogic Mid Year Forge Report with a dash of mezcal flair.

October 3, 2024

In this episode, Richard Stiennon, a renowned cybersecurity author and Alex explore the tensions between all-in-one cybersecurity platforms and specialized, best-of-breed solutions.

September 26, 2024

In this episode of our Dispatch series, we delve into the critical topic of insider threats with expert practitioner Rebecca Blair, Author of Aligning to MITRE.

September 12, 2024

This episode will delve into the transformation of cyber threat intelligence from simply collecting indicators of compromise (IOCs) to a more strategic approach, where intelligence is used to anticipate future threats, inform decision-making, and enhance overall cybersecurity posture. 

August 29, 2024

Join us as we debunk these myths and uncover the truth behind effective security practices.

August 15, 2024

Join us for an engaging episode designed for security professionals eager to elevate their threat detection game through data independence.

August 1, 2024

Join us for a recap of the first half of 2024, where we discuss the top attack techniques currently shaping the cyber threat landscape.

July 18, 2024

Join us for an insightful session with Oliver Rochford, author of the Curious AI newsletter, as we explore the transformative potential of AI chatbots in security operations centers (SOCs).

June 20, 2024

Learn about the overlapping relationship between detection engineering and threat hunting, and how these two activities feed off each other.

June 6, 2024

In this episode, you'll learn how to write a good incident report. This episode is intended for analysts and senior analysts that exclusively work with evidence.

May 23, 2024

This session will highlight some cloud security insights derived from actual cloud attack emulations.

May 9, 2024

Join us as we uncover the strategic and technical dimensions of evolving SOC operations unlocking insights that are as transformative as they are practical for today's cybersecurity leaders.

April 11, 2024

Join us for this session packed with detection engineering insights. Arm yourself with knowledge, for with great knowledge comes great responsibility.

March 28, 2024

Join us for an eye-opening episode of Detection Dispatch, where we delve into the critical realm of cloud security detection.

March 14, 2024

Omer Singer, VP of Strategy and Tim Frazier, Sales Engineering Director sit down to discuss how security data lakes can unlock new use cases, and more effective and efficient processes for detection engineering teams.

February 29, 2024

Mike Hart & Scott Rodgers, Principal Data Scientists at Anvilogic, sit down to discuss how SOC teams can leverage LLMs and work effectively with their data scientists to let the machines do more work, for you.

February 15, 2024

Join Kevin Lo, Senior Threat Researcher at Anvilogic, for a deep dive session on all things threat research and how it plays into the entire detection engineering lifecycle.

February 1, 2024

Join Omer Singer, VP of Strategy and Tim Frazier, Sr. Sales Engineer for a deep dive into the world of threat modeling.

January 18, 2024

Join us for the first episode of 2024 with Raymie Michael, Security Engineer @ eBay.

December 7, 2023

Learn the basics of identifying files, encoding, and encryption based on file characteristics & contents.

November 9, 2023

Learn what detection engineering skills are most crucial in todays environment

October 26, 2023

Learn how you can improve your investigation skills for lateral movements in Windows Event Logs.

October 12, 2023

In this episode, you'll learn how to maintain a healthy security environment to prevent the unexpected.

September 28, 2023

In this episode, learn how you can leverage AI to automate the tuning & maintenance of your alerts.

September 14, 2023

Come learn how Anvilogic leverages ML to help you get the most of not just your Snowflake investment, but any data platform you use.

August 31, 2023

Join us for our 7th episode where we'll continue diving deeper into the fundamentals of detection engineering.

August 17, 2023

This session will help you deduce when a webshell may be in the process of being installed/utilized, and how to get ahead of it. If you love getting hands-on, and into the details- this session is for you!

August 3, 2023

Watch the session to hear from Sota, and see how Anvilogic can empower your Splunk investment to defend against these type of attacks.

July 20, 2023

This session will help you fine-tune your hunting skills when you encounter a threat, understand popular types of payloads, and triage efficiently. Stay tuned for the giveaway where you can apply your learnings hands-on!

July 6, 2023

It's time to up-level or test your detection engineering skills by achieving top-level objectives and answering quiz-style questions to emerge victorious in this epic CTF challenge.

June 22, 2023

We'll walk through examples, and be giving away detections that can help you apply your learning hands-on right after the session. Come join us, and stay ahead with the detection engineering community!

June 8, 2023

Learn how to get the most from your Splunk investment by automating detection-as-code to easily deploy detections in minutes.