July 20, 2021

Episode 156 - Detection as Code with Nick Hakmiller

by Hacker Valley Studio

July 20, 2021

Episode 156 - Detection as Code with Nick Hakmiller

by Hacker Valley Studio

Show Notes

In this episode, we speak to a Detection and Response expert! Our guest is Nick Hakmiller, Senior Engineering Manager at Panther Labs.

Nick was first exposed to technology in High School where he took an introduction to Visual Basic programming course. When learning about multi-threaded applications Nick became curious and began exploring how to open too many threads to crash a computer. Throughout Nick’s career he’s maintained an interest and focus on attack techniques and building defensive security programs.

On occasions, security controls may fail to catch an attacker. A detection is logic that is applied to logs, security controls, and alerts to notify teams and automated processes. Nick describes Python as an exceptional programming language to apply detections and create detections as code.

Nick describes many aspects of security as an engineering problem. As organizations transform and adopt new technologies, security issues arise and evolve. Nick describes that the team’s that are most successful with applying detection as code have chosen to view security as a function that engineering should participate in and help solve.

As an organization’s security program matures, Nick mentions that the most impactful detections will likely be written and created by someone within the organization. For instance, creating a detection that defines which users should have access to sensitive data is likely to be created by a member of the organization with knowledge of team structure.

Towards the end of the episode, Nick shares his wisdom to any practitioner that wants to step into the role of creating detections and providing impact while doing so.

 

Key Takeaways

0:00 - Welcome Back to the Hacker Valley Studio Podcast!

2:29 - Nick Hakmiller, Senior Engineering Manager at Panther Labs

4:20 - How Nick became interested in technology

6:00 - What is a detection?

7:25 - How detection as code applies to cybersecurity and software engineering

10:11 - Prerequisites to consider before applying detection as code

12:27 - Thinking beyond out of the box solutions and applying detections

15:54 - Categories of detections and which are most impactful

23:45 - Reducing alerts by engineering efforts

27:40 - Is it possible to automate everything for security?

32:56 - Advice on getting started with creating detections

 

Keep in touch with Nick Hakmiller on LinkedIn

Reach out to Nick on Panther’s Community Slack

Stay up to date with Nick’s work by viewing Panther Analysis

Learn more about Panther Labs

Read more

Listen Now

test
Episode 156 - Detection as Code with Nick Hakmiller

July 20, 2021 Hacker Valley Studio

00:00:00

Recent Episodes

March 28, 2023
by Hacker Valley Studio

Special Thanks to our sponsor NetSPI NetSPI has a team of skilled pen-testers that can help you find those critical vulnerabilities and become your partner in creating the right remediation game plan for you. Check them out at http://netspi.com/HVM ...

March 21, 2023
by Hacker Valley Studio

In this episode of the podcast, Ron Eddings and Chris Cochran share insights and tips on how to navigate a career in cybersecurity. They discuss the importance of having the right mindset, finding the right career path, building a network, and ...

March 14, 2023
by Hacker Valley Studio

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris tackle arguably one of the most difficult roles in cybersecurity: Incident Response. Drawing on his years of experience at organizations such as US Cyber Command, NSA, and N...

March 7, 2023
by Hacker Valley Studio

In this episode, Chris and Ron are joined by author, TED Talk presenter, and Chief Research Officer at WithSecure, Mikko Hyppönen, to discuss the past, present, and future of cybersecurity. With over 30 years of experience in cybersecurity, Mikko ...

February 28, 2023
by Hacker Valley Studio

In this episode of the Hacker Valley Studio podcast, Chris Cochran and Ron Eddings discuss cybersecurity resources for learning and standing out in the field. In the episode, the two discuss SANS Institute posters for pentesting, purple teaming, and ...

February 21, 2023
by Hacker Valley Studio

Welcome to the Hacker Valley Studio podcast, Ron Eddings and Chris Cochran reflect on their most pivotal moments in the industry. The two share personal stories that shaped their careers, from Chris' journey to landing his dream role at Netflix to Ro...

February 14, 2023
by Hacker Valley Studio

In this episode of the Hacker Valley Studio podcast, hosts Ron Eddings and Chris Cochran explore the power of ChatGPT and attempt to build a Python script that scrapes BleepingComputer for the latest headlines. Chris also takes a moment to reflect on...

February 7, 2023
by Hacker Valley Studio

In this episode of the Hacker Valley Studio, hosts Ron and Chris are joined by McKenna Yeakey to talk about her experience with being laid off in cybersecurity and finding a new job. Mckenna shares her journey through the emotional and psychological ...

January 31, 2023
by Hacker Valley Studio

In this episode of the podcast, Maril Vernon joins Ron and Chris and discusses the importance of breaking down silos between cyber teams and inspiring individuals to drive their own careers in cybersecurity. Maril has been a key player in promoting t...

January 24, 2023
by Hacker Valley Studio

In this episode of Hacker Valley Studio, Rob Wood, Chief Information Security Officer (CISO) at CMS, discusses the challenges of data silos within organizations. Rob explains that security teams often operate in silos, with different departments focu...