The Always-On Purple Team: An Automated CI/CD for Detection Engineering
Вставка
- Опубліковано 29 вер 2024
- Presenters:
Stephen Sims, Offensive Operations Curriculum Lead and Fellow, SANS Institute
Erik Van Buggenhout, Director, NVISO & SANS Institute
These speakers will share tips on building the always-on purple team! This session will present an innovative architecture that merges industry-leading SOC technologies, SIEM/XDR, SOAR, BAS, and a pinch of ChatGPT. The result is a detection engineering CI/CD pipeline that can automatically create, test, and deploy detection analytics. The proof is in the pudding: Live demo included!
www.rsaconfere...