Showing episodes and shows of Anvilogic

Shows

Detection Engineering Dispatch
Detection Dispatch Episode 53: A New Way to UBA feat. Snowflake’s Insider Threat Team
Join Snowflake’s Insider Threat team for a direct discussion on separating everyday behavioral drift from true malicious intent. We examine role changes, privilege creep, and off-hour access, showing how context—identity, project timelines, and data lineage—sharpens detection and reduces noise. The conversation ends with a clear-eyed look at the trade-off between missing an insider and overwhelming analysts with false alerts, offering practical guidance for any modern UBA program. About Detection Engineering Dispatch: Detection Engineering Dispatch is a live series featuring open discussions and live case studies with security operations teams at leading companies on what i...
2025-07-17 | 56 min

Venture with Grace
Sid Trivedi, Partner at Foundation Capital on Cybersecurity Investing
Sid Trivedi is a Partner at Foundation Capital. ~~~~~ This episode is brought to you by Verivend. If you’re a GP or LP looking to simplify the capital raising and deployment process, Verivend is here to help. Trusted by over 800 funds and managing more than $2 billion in transactions, Verivend offers a secure, streamlined payments platform designed specifically for private capital markets. Say goodbye to manual reconciliation and repeated follow-ups - raise and deploy capital faster and with greater transparency. Ready to make your fund operations smoother?
Visit https://bit.ly/3GrB4Qj and see how easy it can be. ~~~~~ Si...
2025-07-12 | 1h 04

Detection Engineering Dispatch
Detection Dispatch Episode 52: Prompted to Fail: When LLMs Go Rogue
LLMs are rewriting the rules of app security—and not always in a good way. In this episode Alex sits down with Scott Rogers, a seasoned data scientist at Anvilogic to unpack why LLMs are the new wild west of application risk—and how old-school OWASP principles are making a serious comeback. We cover:
- Real-world prompt injection failures (yes, including Air Canada’s rogue chatbot)
- How RAG systems can accidentally leak sensitive data
- Why GenAI risk ≠ traditional appsec—but it rhymes
- How classic tools like SAST, DAST, and logs can still save your bacon
- Whether...
2025-06-19 | 37 min

Detection Engineering Dispatch
Detection Dispatch Episode 51: 5 Bitter Pills to Swallow RE: Agentic AI w/ Oliver Rochford
Everyone’s talking about agentic AI—but what are we actually building? In this episode, Oliver Rochford and Alex unpack five bitter pills security teams need to swallow about the current state of “agents.” Most aren’t autonomous, many are mislabeled, and flashy wrappers can’t hide weak detections or bad data. We dig into the hype, the gaps, and what real operational maturity looks like. If you're duct-taping GPT-4 to your SOC and hoping for magic, this one’s for you. Connect with Oliver on LinkedIn: https://www.linkedin.com/in/oliver-rochford/ Check out...
2025-06-05 | 59 min

Detection Engineering Dispatch
Detection Dispatch Episode 50: 5 Signs You're Overengineering your Detection Logic w/ John Dempsey
Is your detection logic doing too much? In this special episode, Alex sits down with Johnathan Dempsey to unpack the 5 signs your rules are too complex — and why that might be hurting more than helping. From alert overload to unreadable logic, learn how to simplify without sacrificing fidelity.
If your detections look like a math thesis, this one’s for you. Stay in the loop! Connect with us: Join Dispatch Community: https://www.anvilogic.com/workshop Website: https://www.anvilogic.com/ LinkedIn: https://www.linkedin.com/company/anvilogic YouTube: https://www.youtube.com/@Anvilogic About...
2025-05-22 | 33 min

Detection Engineering Dispatch
Detection Dispatch Episode 49: Hack my S3 with Kennedy Torkura
We teamed up with Kennedy Torkura, CTO & Co-founder at Mitigant to test common S3 breach techniques—SSRF pivots, credential abuse, and more—against live cloud infrastructure using Anvilogic’s open-source AWS Detection Packs and threat scenarios. We cover:
- Which techniques slipped through detection
- How behavioral detections held up
- The hygiene checklist every detection engineer should be using
Buckets were breached. Lessons were learned. Detections were challenged. And now, you get the inside scoop on what worked—and what didn’t. Anvilogic Github Links in Episode: https://github.com/anvilogic-forge/ar... Stay in the loop! Connec...
2025-05-08 | 41 min

Detection Engineering Dispatch
The AI Series: Inside URL Guardian—An LLM Built for Detection
Mike Hart returns to walk through URL Guardian, our new LLM for malicious URL detection. Now live on HuggingFace, it’s built to spot suspicious patterns and reduce false positives—without the regex headaches. Check out the Hugging Face here: https://huggingface.co/Anvilogic/URLGuardian Stay in the loop!
Connect with us: Join Dispatch Community: https://www.anvilogic.com/workshop Website: https://www.anvilogic.com/ LinkedIn: https://www.linkedin.com/company/anvilogic YouTube: https://www.youtube.com/@Anvilogic About Detection Engineering Dispatch: Detection Engineering Dispatch is a live series featuring open discussions and live c...
2025-04-30 | 43 min

Detection Engineering Dispatch
The UEBA Illusion: Why Traditional UEBA Falls Short
Alex sits down with Kevin Gonzalez to pull back the curtain on User and Entity Behavior Analytics (UEBA), and expose the gap between its promises and real-world pitfalls. Hear his stories from the trenches of deploying UEBA multiple times at different organizations, and his blueprint for how teams should align UEBA with real attacker behaviors. Read his blog about his experience: https://www.anvilogic.com/learn/bg-ue... If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop Stay in the loop! Connect...
2025-04-17 | 43 min

Detection Engineering Dispatch
Episode 46: Machine Learning-Powered Threat Hunting ft. Sydney Marrone
Our last drop for International Women's Month featuring Sydney Marrone—Principal Threat Hunter at Splunk and co-author of PEAK Threat Hunting—to explore how ML-driven techniques are transforming detection strategies. Tune in to hear Sydney and Alex break down real-world applications of advanced analytics to surface threats hidden in HTTP datasets. Check out the HEARTH community on their github here: https://github.com/THORCollective/HEARTH If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop Stay in the loop! Connect with us on social: Web...
2025-04-03 | 30 min

Detection Engineering Dispatch
Episode 45: DECEIVE to Defend: AI-Powered Deception feat. Edna Jonsson
This International Women’s Month, we’re celebrating leaders and supporters driving the future of threat hunting and detection engineering. Next up in our series is Edna Jonsson, a cybersecurity engineer and forever student of the trade, introducing DECEIVE—Splunk’s new DECeption with Evaluative Integrated Validation Engine. DECEIVE brings AI-powered honeypots directly into the hands of security teams, opening new possibilities for proactive threat intelligence and modern detection strategies. If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop Stay in the loop! Connect with us on so...
2025-03-20 | 22 min

Detection Engineering Dispatch
Episode 44: HEARTH | the community-driven threat hunting project ft. Lauren Proehl
Tune in with us for a discussion on HEARTH—a community-driven threat hunting GitHub repository that you’re going to want to fork as well as the importance of community intel-sharing. This episode is about community, innovation, and the women leading the way in threat hunting. Happy International Women's Month! Check out the HEARTH community on their github here: https://github.com/THORCollective/HEARTH If you want to join our sessions live, join our community here: https://www.anvilogic.com/workshop Stay in the loop! Connect with us on social: Websi...
2025-03-20 | 29 min

Detection Engineering Dispatch
Episode 43: Building Thorough Detections via Detection Modeling
In this episode, host Alex Hurtado welcomes back Andrew VanVleet, who breaks down a comprehensive approach to technique analysis using Detection Data Models (DDMs). Andrew walks through a 10-step process for analyzing Kerberoasting (T1558.003), identifying four distinct attack procedures and their detection strategies. Learn how to map telemetry to detection opportunities, recognize security blind spots, and develop multi-layered strategies that make successful attacks nearly impossible.
Grab your notebook for this workshop-style episode that transforms complex threat modeling into actionable defense strategies that will leave attackers rolling the dice against increasingly unfavorable odds. Join our live c...
2025-03-10 | 39 min

Bare Knuckles and Brass Tacks
How Cyber Marketing Teams Can Better Understand and Connect to Buyers
This week Jeanette Belashov, of Anvilogic, joins the show to talk about smarter and more authentic cybersecurity marketing. George K and George A talk to Jeanette about:
- Why the lead gen MQL mindset is total BS and hurts both your strategy AND your buyers
- Using selling signals instead of vanity metrics to actually help your sales team connect with the right accounts at the right time about the right use case
- Why marketers MUST get their hands dirty with the product and spend time understanding the day-to-day challenges of practitioners
- Creating hybrid attribution frameworks that actually...
2025-03-03 | 49 min

Detection Engineering Dispatch
Episode 42: Understanding Detection Engineering and Why Teams Struggle With It
In this episode of Detection Dispatch, host Alex Hurtado welcomes Jimmel Peters (JP), a seasoned cyber threat detection engineer from a major media company, to unpack the million-dollar question: why are so many security teams still scratching their heads over detection engineering, even though everyone's talking about it? JP breaks it down for us, walking through how the field has evolved from a "nice-to-have" into an absolute necessity. He shares his take on why behavioral analysis is the new hotness in detection strategies.
Plus, get the scoop on AI's impact, dealing with those pesky false positives, and why you...
2025-02-13 | 21 min

Detection Engineering Dispatch
Episode 41: 12 Emerging Threats and How to Defend Against Them
In this episode of Detection Dispatch, host Alex Hurtado welcomes Lee Archinal from Intel 471 to dive deep into 12 significant emerging threats observed in late 2024. From Dark Casino's financial sector targeting to the devastating healthcare attacks by Phobos ransomware, discover the latest threat actor behaviors and practical detection strategies. Learn how to leverage Intel 471's hunting packages across major EDR platforms and understand the critical intersection between threat hunting and detection engineering. Whether you're dealing with novel SEO poisoning techniques or familiar Living-off-the-Land (LOL) binaries, this episode provides actionable intelligence and detection logic you can implement today.
2025-02-05 | 42 min

Detection Engineering Dispatch
Episode 40: Habits of High-Performing Detection Engineers feat. Zack 'techy' Allen
In this episode, host Alex Hurtado welcomes Zack Allen, the creator of Detection Engineering Weekly and Sr. Director of Security Detection & Research, to explore the traits of high-performing detection engineers. Discover why having "T-shaped" skills (deep knowledge in one area while maintaining broader understanding across domains) trumps being a pure specialist, and learn how psychological safety and blameless culture drive team success. Zack shares insights on emerging trends like Detection-as-Code (DaC) and AI integration and reveals why cross-team collaboration is crucial for effective threat modeling.
Whether you're building a detection engineering team or looking to level up y...
2025-01-24 | 41 min

The Cyber Security Matters Podcast
Growing Successful Partnerships - Episode 45 - Yumi Nishiyama, Director of Strategic Alliances at Anvilogic
Discover the connection between martial arts and the cyber security sector in this insightful episode with Yumi Nishiyama, the Director of Strategic Alliances at Anvilogic. Yumi shared her perspectives on everything from AI to partnerships within the industry. Listen now to find out how women can come together to create powerful networks and enact change in the cyber security world. The Cyber Security Matters Podcast was created by neuco, a global talent acquisition company that specialises in the space and technology sectors. To learn more about our sponsors, neuco and neu...
2024-12-13 | 28 min

Detection Engineering Dispatch
Episode 39: Top 10 KQL Queries Every Detection Engineer Should Know
In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024. From detecting DLL hijacking and MFA fatigue to uncovering anonymous file access in OneDrive and SharePoint, we’ll walk through each query and the data feeds/sources required for detection and discuss their practical uses. Whether you’re new to KQL or an experienced user, these queries are designed to elevate your detection capabilities. Join our live conv...
2024-12-12 | 40 min

Detection Engineering Dispatch
Episode 38: How LLMs Can Outsmart TYPOSQUATTING Attacks
In this episode, Alex sits down with the brilliant Mike Hart, a data scientist whose mission is to outsmart the sneaky world of typosquatting attacks.
Just in time for the holiday shopping frenzy, we explore how his open-source project leverages LLMs to safeguard users from clicking on malicious look-alike links. With online holiday shopping being a prime target for this attack vector, the risks of not double-checking URLs are bigger than ever. Organizations, especially those operating in hybrid environments, need to stay vigilant. Mike blesses us with how his LLM (available to deploy...
2024-12-12 | 36 min

Detection Engineering Dispatch
Episode 37: Maturing SecOps with Detection-as-Code
In this episode, host Alex Hurtado welcomes Wade Wells, a seasoned detecting engineer and founder of WadingThruSecurity, for an in-depth exploration of Detection-as-Code. Discover how treating your detections like software can revolutionize your security operations, from streamlining version control to enhancing cross-team collaboration. Wade shares practical insights from implementing DaC, including tips for setting up automation, managing detections across multiple tools, and writing comprehensive detection strategy reports. Whether you're running a small shop or managing thousands of detections, learn how DaC can mature your security operations and create a more robust defense strategy. ...
2024-11-27 | 30 min

Detection Engineering Dispatch
Episode 36: Get Smarter with Entity Correlation + RBA in Sentinel
In this episode, host Alex Hurtado chats with Micah Funderburk and Alex Stemaly, two detection engineering forces from LastPass, about their impressive risk-based alerting (RBA) system within Microsoft Sentinel. Dive into the world of entity correlation as they break down tagging key entities, stacking risk scores, and leveraging Microsoft's Advanced Security Information Model for data normalization. Learn how RBA aggregates events to provide valuable context for security analysts and explore the intricacies of building risk scores based on impact, confidence, and asset information.
Discover the benefits of deploying detections-as-code and the importance of...
2024-11-12 | 28 min

Detection Engineering Dispatch
Episode 35: So, What Does a Detection Engineer Actually Do?
In this episode of Detection Engineering Dispatch, host Alex Hurtado chats with Chris Black, Sr. Detection Engineer at NBCUniversal, to reveal what it really means to be a Detection Engineer. Chris shares his journey from incident responder to detection engineer, diving into why creative problem-solving, a mix of red and blue team insights, API security know-how, and self-care are keys to thriving in this high-demand field. Because let’s face it—not all heroes wear capes… some write solid detections! Grab a seat and get the scoop on what it takes to excel in det...
2024-10-31 | 34 min

Detection Engineering Dispatch
Episode 34: The Threat Hunting and Alerting Secret Sauce
In this episode of Detection Engineering Dispatch, host Alex Hurtado sits down with Brady Stouffer, a Principal Detection and Response Engineer at Expel, to uncover the secret sauce behind effective alert management. Learn how to strike the perfect balance between detection coverage and alert fatigue through risk-based alerting, strategic threat hunting, and the art of creating alerts that tell a story.
Brady shares practical insights from years of implementation experience, demonstrating why good alerts need context and how threat hunting can uncover critical visibility gaps in your security operations. Join our live conversation...
2024-10-24 | 23 min

Detection Engineering Dispatch
Episode 33: Data-Driven Paths | Breaking into Cybersecurity in the Age of Data Lakes and Silos
In this episode of Detection Engineering Dispatch, host Alex Hurtado sits down with Reanna Schultz, creator of the Defenders and Lab Coats podcast, to discuss how the rise of security data lakes is reshaping the skills needed to succeed in the modern security operations center (SOC). Reanna shares her unconventional journey into cybersecurity, emphasizing the importance of continuous learning and the value of the collaborative cybersecurity community. Discover key insights on understanding the diverse roles within a SOC, combating analyst burnout by finding your passions and focusing on value-added tasks, and leveraging metrics...
2024-10-17 | 37 min

DealMakers: Entrepreneur | Startups | Venture Capital
Taher Elgamal On Building And Exiting A Cybersecurity Company, Delivering 5x Returns To Investors, And Now Co-Managing A $2 Billion Fund Supporting Startups
When you think of the pioneers in cryptography and cybersecurity, one name that stands out is Dr. Taher Elgamal. He has had an incredible journey spanning decades of innovation, from growing up in Cairo and studying at Stanford to building and selling companies. Today, Taher is an investor in Evolution Equity Partners, a $2B operation deploying capital to upcoming companies like Torq, Protect AI, Cytactic, and Anvilogic.
2024-10-13 | 29 min

Detection Engineering Dispatch
Episode 32: Smoky Signals | Security ETL & Data Optimization with a Tasting Twist with Darwin Salazar
In this episode of Detection Engineering Dispatch, host Alex Hurtado sits down with Darwin Salazar, the author of the Cybersecurity Pulse Newsletter and Founding PM at Monad. Tune in to gain actionable insights on addressing the intricacies associated with data streams and pipelines while savoring the rich flavors of Mezcal. Discover the importance of log source prioritization, look at your data pipeline hygiene, and apply the 80/20 rule to log sources. Grab a glass, relax, and let’s navigate the data flow with a fun twist! Join our live conversation bi-weekly on Thursdays! You on...
2024-10-10 | 52 min

Detection Engineering Dispatch
Episode 31: The Cybersecurity Dilemma | Platformization vs. Best-of-Breed Solutions with Richard Stiennon
In this episode of Detection Dispatch, we are excited to present a conversation with Richard Stiennon, a seasoned industry analyst. Tune in to hear Richard and host Alex Hurtado explore the intricacies of detection engineering and the critical decision-making processes involved in selecting the most effective cybersecurity solutions. Discover the pitfalls of single-vendor platforms and the benefits of a defense-in-depth strategy, providing actionable insights for security leaders. Join our live conversation bi-weekly on Thursdays!
You only have to register once: ➡️ Register Here Stay in the...
2024-09-30 | 32 min

Bare Knuckles and Brass Tacks
Winning Cyber Practitioners' Trust, Standing Out in the Job Market, and Innovation with Chas Larios!
This week, Chas Larios of Anvilogic joins the show to talk about her approach to winning practitioners' trust through respect for their time and attention. George K and George A talk to Chas about:
🚀 Building brands on principles and the importance of giving back to the cyber community
🧠 How her technical Infosec background informs her marketing
😳 How she hires, and why resumes are the LAST thing she looks at
🎙️ Changes in the market and favorite bands, as turns the table and interviews the Georges!
This episode is full of insights fo...
2024-06-17 | 49 min

Capture the CISO
Finals - Season 2
Welcome to the finals of Capture the CISO Season 2! Our host is Rich Stroffolino and our judges are Alexandra Landegger, executive director and CISO, Collins Aerospace, and Edward Contreras, EVP and CISO, Frost Bank. Our contestants:
- Attila Szász, CEO & Founder, BugProve
- Omer Singer, vp, strategy, Anvilogic
- Russell Spitler, CEO & co-founder, Nudge Security
Huge thanks to all our contestants who are also sponsors of Capture the CISO. BugProve: BugProve offers a vulnerability management platform for embedded devices. Its...
2024-05-18 | 40 min

Capture the CISO
Season 2: Anvilogic, Lumius, and Onyxia
To watch the demo videos, and see the transcript, check out the blog post of this episode on CISOseries.com. Welcome to Season 2 Episode 1 of Capture the CISO, hosted by Richard Stroffolino.
Our contestants:
- Omer Singer, vp, strategy, Anvilogic
- Satish Veerapuneni, CEO & co-founder, Lumeus
- Sivan Tehila, CEO, Onyxia
Huge thanks to all our contestants who are also sponsors of Capture the CISO: Anvilogic, Lumeus, Onyxia
2024-04-17 | 39 min

The New York Information Security Meetup
David Raviv | Sid Trivedi | Unscripted
David Raviv had the opportunity to have an unscripted conversation with Sid Trivedi, partner at Foundation Capital. Growing up across Asia, Sid enjoyed a front row seat as the mobile phone transformed the entire planet. His dad worked for Nokia during the early 2000’s when it was one of the most valuable brands in the world, and was able to bring home a new phone for Sid to test each week. The increasing speed and impact of each innovation was enough to get him hooked, and naturally Sid pursued a career in the tech sector. Si...
2022-10-17 | 47 min

Enterprise Security Weekly (Video)
Akamai, PerimeterX HUMAN Merger, Azure Vulns, Blockchain Sec Startups, & Brash CEOs - ESW #282
In the Enterprise Security News: Blockchain security startups are still raising tons of money, but not in crypto, since it’s now worthless. Ha! just kidding. Maybe. Am I? Anvilogic, AppViewX, Sotero, Resourcely, and Push Security all raise rounds JUICY RUMORS! Is Crowdstrike buying Orca? Is Akamai getting bought out by a PE shop? HUMAN and PerimeterX join in a rare cybersecurity merger, Are Azure’s vulnerabilities out of control? Zoom brings end-to-end encryption to its cloud phone service, npm says FINE, we’ll add some security, Kaseya’s CEO is just, telling it like it is, man. The problem...
2022-07-29 | 32 min

Security Weekly Podcast Network (Audio)
ESW #282 - Jamie Moles, Dixon Styres, Tim Morris, Paul Kelly
In the Enterprise Security News: Blockchain security startups are still raising tons of money, but not in crypto, since it’s now worthless. Ha! just kidding. Maybe. Am I?
Anvilogic, AppViewX, Sotero, Resourcely, and Push Security all raise rounds JUICY RUMORS! Is Crowdstrike buying Orca? Is Akamai getting bought out by a PE shop? HUMAN and PerimeterX join in a rare cybersecurity merger, Are Azure’s vulnerabilities out of control? Zoom brings end-to-end encryption to its cloud phone service, npm says FINE, we’ll add some security, Kaseya’s CEO is just, telling it like it is, man. The problem...
2022-07-29 | 1h 44

Enterprise Security Weekly (Audio)
ESW #282 - Jamie Moles, Dixon Styres, Tim Morris, Paul Kelly
In the Enterprise Security News: Blockchain security startups are still raising tons of money, but not in crypto, since it’s now worthless. Ha! just kidding. Maybe. Am I? Anvilogic, AppViewX, Sotero, Resourcely, and Push Security all raise rounds JUICY RUMORS! Is Crowdstrike buying Orca? Is Akamai getting bought out by a PE shop? HUMAN and PerimeterX join in a rare cybersecurity merger, Are Azure’s vulnerabilities out of control? Zoom brings end-to-end encryption to its cloud phone service, npm says FINE, we’ll add some security, Kaseya’s CEO is just, telling it like it is, man. The problem...
2022-07-29 | 1h 44

Why Wait? The Rise of Real-Time Analytics
Rockset: Why Wait? The Rise of Real Time Analytics - Episode 1, Anvilogic
Join us as we discuss with engineering leaders the intersection of analytics and real-time data. In our first-ever episode, we chat with Deb Banerjee, Anvilogic's CTO & Co-Founder, on how he built an automated detection platform.
2021-03-31 | 33 min