Episode 156 - Detection as Code with Nick Hakmiller

July 20, 2021 Hacker Valley Studio

00:00:00

Show Notes

In this episode, we speak to a Detection and Response expert! Our guest is Nick Hakmiller, Senior Engineering Manager at Panther Labs.

Nick was first exposed to technology in High School where he took an introduction to Visual Basic programming course. When learning about multi-threaded applications Nick became curious and began exploring how to open too many threads to crash a computer. Throughout Nick’s career he’s maintained an interest and focus on attack techniques and building defensive security programs.

On occasions, security controls may fail to catch an attacker. A detection is logic that is applied to logs, security controls, and alerts to notify teams and automated processes. Nick describes Python as an exceptional programming language to apply detections and create detections as code.

Nick describes many aspects of security as an engineering problem. As organizations transform and adopt new technologies, security issues arise and evolve. Nick describes that the team’s that are most successful with applying detection as code have chosen to view security as a function that engineering should participate in and help solve.

As an organization’s security program matures, Nick mentions that the most impactful detections will likely be written and created by someone within the organization. For instance, creating a detection that defines which users should have access to sensitive data is likely to be created by a member of the organization with knowledge of team structure.

Towards the end of the episode, Nick shares his wisdom to any practitioner that wants to step into the role of creating detections and providing impact while doing so.

 

Key Takeaways

0:00 - Welcome Back to the Hacker Valley Studio Podcast!

2:29 - Nick Hakmiller, Senior Engineering Manager at Panther Labs

4:20 - How Nick became interested in technology

6:00 - What is a detection?

7:25 - How detection as code applies to cybersecurity and software engineering

10:11 - Prerequisites to consider before applying detection as code

12:27 - Thinking beyond out of the box solutions and applying detections

15:54 - Categories of detections and which are most impactful

23:45 - Reducing alerts by engineering efforts

27:40 - Is it possible to automate everything for security?

32:56 - Advice on getting started with creating detections

 

Keep in touch with Nick Hakmiller on LinkedIn

Reach out to Nick on Panther’s Community Slack

Stay up to date with Nick’s work by viewing Panther Analysis

Learn more about Panther Labs

Recent Episodes

February 20, 2024

AI & Phishing: Fighting Fire with

Fire

In this episode, Host Ron Eddings is joined by Vishal Dixit, Co-founder & CTO at Graphus Inc., and Sven Bechmann, Senior Product Manager of Email Security at Kaseya to dig into how phishing attacks are evol...

February 14, 2024

Andrew Forgie's Path From Apache

Mechanic to Cybersecurity Sales ...

In this episode, Andrew Forgie takes us on his journey from his early days as an Apache helicopter mechanic in the military to his current role as a regional sales manager in cybersecurity.  Andrew shares his t...

February 6, 2024

Zinet Kemal's Journey From

Ethiopian Immigrant to TEDx Spea...

In this episode of Hacker Valley Studio, we dive into the inspiring journey of Zinet Kamal, an immigrant from Ethiopia who has carved a niche for herself in cybersecurity. Despite starting her journey with limi...

January 30, 2024

Paving the Path for CISOs of the

Future with Gary Hayslip

In this episode, Host Ron Eddings catches up with repeat guest, Gary Hayslip, CISO at SoftBank Investment Advisors and co-author of CISO Desk Reference guide. Gary explains that the varied nature of his current...

January 23, 2024

The Untold Story of Browser Risks:

Pioneering Enterprise Browser Se...

In this episode, Host Ron Eddings and guest Or Eshed, CEO of Layer X, discuss how changes in IT infrastructure, employee behavior and malicious tech have created an era where browser security is a must. Or deta...

January 16, 2024

Cyber Defense Reinvented: The New

Era of Attack Surface Management...

In this episode, Host Ron Eddings talks with guest Isaac Clayton, Senior Research Engineer at NetSPI. Ron and Isaac discuss the importance of ASM for organizations of all sizes, the challenges of asset identifi...

January 9, 2024

Cyber Resilience Unpacked: Securing

Tomorrow Today with Bill Bernard

In this episode, Host Ron Eddings dives deep into crafting a resilient cybersecurity approach with guest speaker Bill Bernard, VP of Security Strategy at Deepwatch. Bill discusses the necessity of understanding...

January 2, 2024

Looking Backward to GROW Forward in

Cybersecurity in 2024

In this episode, we’ll take a walk down memory lane. Hacker Valley looks back to 2023 to bring you some of the best clips with great advice and insight into being more creative, reflective, and resourceful with...

December 19, 2023

What’s Lurking In Your Containers?

AMBERSQUID Operations, Freejacki...

In this episode, Host Ron Eddings, discusses new tactics of adversaries with Director of Threat Research at Sysdig, Michael Clark. Michael digs into the cloud and shares trends about the AMBERSQUID operation an...

December 12, 2023

Pivotal Policy in the Age of AI

with AJ Grotto

In this episode, Host Chris Cochran chats it up with former White House Senior Director for Cyber Policy, AJ Grotto. AJ shares his viewpoints about the current state of AI policies, the potential risks and bene...

WORK WITH US

PODCASTS + SPEAKING + EVENTS

Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.