Preview Mode Links will not work in preview mode

Cloud Security Podcast by Google

Nov 20, 2023


  • John Stoner, Principal Security Strategist, Google Cloud Security

  • Dave Herrald, Head of Adopt Engineering, Google Cloud Security


  • In your experience, past and present, what would make clients trust vendor detection content?

  • Regarding “canned”, default or “out-of-the-box” detections, how to make them more production quality and not merely educational samples to learn from?

  • What is more important, seeing the detection or being able to change it, or both?

  • If this is about seeing the detection code/content, what about ML and algorithms?

  • What about the SOC analysts who don't read the code?

  • What about “tuning” - is tuning detections a bad word now in 2023?

  • Everybody is obsessed about “false positives,” what about the false negatives? How are we supposed to eliminate them if we don’t see detection logic?