APRIL 30, 12:00-2:00 PM - ROOM 22470
Workshop: Purple Teaming with Detection-As-Code for Modern SIEM - Ken Westin
This hands-on workshop will demonstrate how to use Purple team techniques to develop hypotheses for new detections and strengthen their defenses against future attacks.
Our approach: We will use open-source offensive security tools to simulate attacks against lab infrastructure and use an investigative approach to learn and build new detections & manage them using detection-as-code principles to eliminate noise and false positives.
Who should attend?
This hands-on virtual workshop is perfect for detection & security engineers who are expected to develop and write detections to support new log sources, threat models, and vulnerabilities that are exploited in the wild