detection - devilreef.net

devilreef.net

Sign in Subscribe

detection

A collection of 3 posts

Democratizing Security Detection

Democratizing Security Detection

This was a post I authored which originally published on the Palantir Blog. It is copied here for posterity. Introduction Security detection programs face significant scaling challenges. As the size and scope of an organization grows, so too do the volume and diversity of security alerts; this influx can result

Alerting and Detection Strategy Framework

Alerting and Detection Strategy Framework

This was a post I co-authored which originally published on the Palantir Blog. It is copied here for posterity. Alerting and Detection Strategies (ADS) are one of the critical requirements for an effective Incident Response (IR) and Detection team. Well-functioning IR teams invest time and energy into development of new

Windows Event Forwarding for Network Defense

Windows Event Forwarding for Network Defense

This was a post I co-authored which originally published on the Palantir Blog. It is copied here for posterity. Incident detection and response across thousands of hosts requires a deep understanding of actions and behavior across users, applications, and devices. While endpoint detection and protection tools can provide some lift