Preview Mode Links will not work in preview mode

Cloud Security Podcast by Google

Jul 18, 2022


  • Tim Nguyen, Director of Detection and Response @ Google


  • I know we don’t like to say “SOC” here, so why don’t we talk about the role of automation in detection and response (D&R) at Google?
  • One SRE concept we found useful in security operations is “toil” - How do we squeeze toil out of D&R practice at Google?
  • A combined analyst and engineer role (just like an SRE) was critical for both increasing automation and reducing toil, how hard was it to put this into practice? Tell us about that journey?
  • How do we automate security signal analysis, can you give us a few examples?
  • D&R metrics have been a big pain point for many organizations, how does SRE thinking of SLOs and SLIs (and less about SLAs) helps us in our “not SOC”?
  • How do we avoid falling into the “time to respond” trap that rewards fast response, sometimes at the cost of good?