July 20, 2021

Episode 156 - Detection as Code with Nick Hakmiller

by Hacker Valley Studio

July 20, 2021

Episode 156 - Detection as Code with Nick Hakmiller

by Hacker Valley Studio

Show Notes

In this episode, we speak to a Detection and Response expert! Our guest is Nick Hakmiller, Senior Engineering Manager at Panther Labs.

Nick was first exposed to technology in High School where he took an introduction to Visual Basic programming course. When learning about multi-threaded applications Nick became curious and began exploring how to open too many threads to crash a computer. Throughout Nick’s career he’s maintained an interest and focus on attack techniques and building defensive security programs.

On occasions, security controls may fail to catch an attacker. A detection is logic that is applied to logs, security controls, and alerts to notify teams and automated processes. Nick describes Python as an exceptional programming language to apply detections and create detections as code.

Nick describes many aspects of security as an engineering problem. As organizations transform and adopt new technologies, security issues arise and evolve. Nick describes that the team’s that are most successful with applying detection as code have chosen to view security as a function that engineering should participate in and help solve.

As an organization’s security program matures, Nick mentions that the most impactful detections will likely be written and created by someone within the organization. For instance, creating a detection that defines which users should have access to sensitive data is likely to be created by a member of the organization with knowledge of team structure.

Towards the end of the episode, Nick shares his wisdom to any practitioner that wants to step into the role of creating detections and providing impact while doing so.

 

Key Takeaways

0:00 - Welcome Back to the Hacker Valley Studio Podcast!

2:29 - Nick Hakmiller, Senior Engineering Manager at Panther Labs

4:20 - How Nick became interested in technology

6:00 - What is a detection?

7:25 - How detection as code applies to cybersecurity and software engineering

10:11 - Prerequisites to consider before applying detection as code

12:27 - Thinking beyond out of the box solutions and applying detections

15:54 - Categories of detections and which are most impactful

23:45 - Reducing alerts by engineering efforts

27:40 - Is it possible to automate everything for security?

32:56 - Advice on getting started with creating detections

 

Keep in touch with Nick Hakmiller on LinkedIn

Reach out to Nick on Panther’s Community Slack

Stay up to date with Nick’s work by viewing Panther Analysis

Learn more about Panther Labs

Read more

Listen Now

Episode 156 - Detection as Code with Nick Hakmiller

July 20, 2021 Hacker Valley Studio

00:00:00

Recent Episodes

September 19, 2023
by Hacker Valley Studio

It’s a classic technologist conundrum: Should I build or buy the solution I need to solve a problem? The “Build vs. Buy” conundrum is faced by technology teams worldwide. To help approach this riddle, Chris Cochran speaks to two industry veterans, Sl...

September 12, 2023
by Hacker Valley Studio

Embrace the AI Revolution in Cybersecurity! Ron Eddings explores the dynamic world of AI, from cybersecurity automation to anomaly detection. Learn how AI is being used by practitioners and creators to stay one step ahead of the adversary and the com...

September 5, 2023
by Hacker Valley Studio

For this week's episode, we brought back a fan favorite Security Teams Can't Do It All. This episode features guest Rob Wood, CISO at CMS, who discusses the challenges of data silos in the workplace and the importance of supportive leadership.   Link...

August 29, 2023
by Hacker Valley Studio

In this episode, host Ron is joined by the CISO at Corvus Insurance, Jason Rebholz, to talk about the life of being a cybersecurity content creator. From his drive to create cyber content for technical and non-technical audiences to the sometimes har...

August 22, 2023
by Hacker Valley Studio

In this episode, hosts Ron and Chris are joined by special guest Eric Avigdor, VP of Product Management at Votiro. With humility as the focal point, Eric details his journey as a Product Manager — sharing his unique approach to leadership and custome...

August 15, 2023
by Hacker Valley Studio

Host Chris Cochran is joined by Marty Overman, Senior VP at Imperva, to discuss the importance of self-awareness and transparency in cybersecurity leadership. The two emphasize the need for leaders to recognize their strengths and weaknesses and unde...

August 1, 2023
by Hacker Valley Studio

In this episode, host Ron is joined by Jamie Blasco, co-founder and CTO at Nudge Security, to discuss the opportunities of SaaS as well as the security implications of AI. Jamie also considers the importance of striking a balance between productivity...

July 25, 2023
by Hacker Valley Studio

How do you effectively persuade team members and stakeholders to take action, convey the importance of new projects, or request additional resources? Communicating technical security information often leads to disconnection or worse, falls on deaf ea...

July 18, 2023
by Hacker Valley Studio

In this episode, Chris and Ron Eddings are joined by Jeff Man, a legend in cybersecurity. The conversation begins with Jeff sharing his experiences as a member of the first NSA red team and his involvement in groundbreaking projects. He discusses his...

July 11, 2023
by Hacker Valley Studio

In this episode, Chris and Ron interview Derek Wood from Duality Technologies, a leading privacy technology company to discuss the concept of homomorphic encryption and its significance in data security, privacy, and governance. Homomorphic encryptio...