← All talks
Topic

Detection Engineering talks at BSides

422 talks tagged Detection Engineering from 90 chapters of BSides events worldwide.

Related topics
BlueTechnicalTalkPurpleIntermediaryCase Studies and Incidents Analysis
49:41
Open Source Malware Lab
Robert Simmons
BSides London · 2016
TechnicalDFIRDetection EngineeringMalware AnalysisIntermediaryBlueTechnical Deep-divesTalk
Open →2016-07
41:25
Command-Line Obfuscation: You Can Run, _and_ You Can Hide
Wietze Beukema
BSides Dublin · 2024
TechnicalDFIRDetection EngineeringTalk
Open →2024-06
51:37
Security Onion: Peeling Back the Layers of Your Network in Minutes
Doug Burks
BSides Augusta · 2013
TechnicalToolingDFIRDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2013-09
30:27
David Bianco - The Secret Origins of the Pyramid of Pain
David Bianco
BSides Augusta · 2022
TechnicalDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2022-10
28:52
BSidesSF 2017 - Linux Monitoring at Scale with eBPF (Brendan Gregg & Alex Maestretti)
Brendan GreggAlex Maestretti
BSidesSF · 2017
TechnicalDetection EngineeringNetwork SecurityBlueTalk
Open →2017-03
42:44
Threat Hunting On Linux And Mac With Auditbeat System Module
Aaron Jewitt
BSides Luxembourg · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-11
55:35
Objectively Measuring Hunt Value
Justin KohlerPatrick Perry
BSides Augusta · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2018-10
1:07:55
The AI Cyber War: Inside the AI Arms Race Between Attackers and Hunters
Mike Spicer
BSides SLC · 2025
TechnicalAI SecurityDetection EngineeringKeynote
Open →2025-10
45:10
Gollum: One Anti-Phish Bot to Rule Them All
Byron Rudman
BSides Cape Town · 2019
TechnicalDetection EngineeringThreat IntelToolingBlueTalk
Open →2019-12
43:57
TL;DR: Applying AI to Security
Clint Gibler
BSidesSF · 2024
TechnicalAI SecurityDetection EngineeringThreat IntelIntroTalk
Open →2024-07
56:31
Using JA3: Asking for a Friend?
Justin WarnerEd Miles
BSides DC · 2019
TechnicalCryptographyDFIRDetection EngineeringNetwork SecurityBlueRedTalk
Open →2019-11
13:24
MITRE D3FEND
James Gibbins
BSides London · 2022
TechnicalDetection EngineeringThreat ModelingIntroBlueTalk
Open →2022-01
46:48
Detecting Malicious Websites using Machine Learning
Ajit ThyagarajanAndrew Beard
BSides DC · 2016
ResearchTechnicalDetection EngineeringNetwork SecurityTalk
Open →2016-10
46:31
Detection as Code: The Engineering-Focused Future of Detection and Response
Jackie BowJulie Agnes SparksJessica RozhinLouis Barrett
BSidesSF · 2023
TechnicalDetection EngineeringDevSecOpsThreat IntelBluePanel
Open →2023-05
24:21
Find, Fix, Finish: Generating Competitive Advantage With Threat Hunting
Brody Nisbet
BSides Canberra · 2024
TechnicalDetection EngineeringThreat IntelBlueMethodologyTalk
Open →2024-10
17:51
The Art Of Cyber Deception
Joshua Wardle
BSides London · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2024-02
55:25
Confidently Measuring Attack Technique Coverage by Asking Better Questions
Matt Graeber
BSides Augusta
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringBlueTalk
Open →2021-10
25:31
NLP for Security Log Analysis: Learning to Crawl Before You Run
Arjun Chakraborty
BSidesSF · 2023
ResearchTechnicalAI SecurityDetection EngineeringTalk
Open →2023-05
45:17
Enterprise Security Monitoring: Comprehensive Intel-Driven Detection
David Bianco
BSides Augusta · 2013
TechnicalDetection EngineeringThreat IntelMethodologyTalk
Open →2013-09
37:14
Understanding, Abusing and Monitoring AWS AppStream 2.0
Rodrigo Montoro
BSides Las Vegas · 2022
TechnicalCloud IAMDetection EngineeringTalk
Open →2022-09
37:51
Building an Effective Intrusion Detection Program
Jason Craig
BSidesSF · 2017
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2017-03
29:03
macOS Endpoint Security Framework: What It Can Do And How To Use It
Connor Morley
BSides Munich · 2022
TechnicalDetection EngineeringMalware AnalysisBlueTalk
Open →2022-05
44:54
A Quick, Efficient Yet Not Entirely Sane Introduction to Deception
John Strand
BSides Frankfurt
TechnicalActive DirectoryDetection EngineeringIntermediaryBlueDemoTalk
Open →2025-03
38:25
How to Stop Worrying & Build a Modern Detection & Response Program
Allyn Stott
BSides Berlin · 2023
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueMethodologyTalk
Open →2024-01
28:25
Understanding IRSF Fraud: Protecting Against SMS Exploitation
Vien VanSenthil Sivasubramanian
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelWeb AppSecTalk
Open →2025-10
50:58
Threat hunting: Using MITRE ATT&CK against Carbanak malware
Amol Sarwate
BSidesSF · 2022
TechnicalDetection EngineeringMalware AnalysisThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTechnical Deep-dives+1
Open →2022-07
33:40
Quick And Easy Forensic Timelines Via Sysmon, WEF, And ELK
Aaron Jewitt
BSides Munich · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-03
27:56
Honeypot Boo Boo: Better Breach Detection With Deception Inception
Justin Varner
BSides Munich
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-10
43:20
Eyeing the Onion
Brad ShoopChris Rimondi
BSides Augusta · 2013
TechnicalDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2013-09
43:27
Threat Hunting AWS CloudTrail Logs with Microsoft Sentinel: Real-Time Attack Demo
Arijit Paul
BSides Sydney · 2025
TechnicalCloud IAMDetection EngineeringThreat IntelIntermediaryDemo
Open →2025-02
23:14
Network Security: It Just Makes pfSense
Kyle Goode
BSides Knoxville · 2026
TechnicalDetection EngineeringNetwork SecurityTalk
Open →2025-01
33:30
MITRE D3FEND and How to Master It
Saba Bagheri
BSides Sydney · 2025
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2025-02
14:37
Storytelling For SOC Analysts: Effective Investigation Notetaking And Report Writing
Han O'Connor
BSides London · 2025
CareerCareer & Soft SkillsDetection EngineeringIntroTalk
Open →2025-02
26:05
CoinMiner Are Evasive - Omri Segev Moyal & Thomas Roccia
Omri Segev MoyalThomas Roccia
BSides TLV · 2018
TechnicalDetection EngineeringMalware AnalysisCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2018-07
24:40
Logs and Tactical Defence
Allan Stojanovic
BSides Toronto · 2014
TechnicalDetection EngineeringNetwork SecurityThreat IntelBlueTalk
Open →2014-12
33:30
Your Intrusion Detection Still Sucks (And What to Do About It)
Jason Craig
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2025-10
20:25
Leveraging Osquery for DFIR at Scale
Sohini Mukherjee
BSidesSF · 2020
TechnicalDFIRDetection EngineeringIntermediaryTalk
Open →2020-03
34:05
"SSH, so hot right now. Profiling it with HASSH" - Ben Reardon & Adel Karimi
Ben ReardonAdel Karimi
BSides Canberra · 2019
TechnicalDetection EngineeringNetwork SecurityThreat IntelTalk
Open →2019-05
51:22
The No BS SOC Story
Mark Simos
BSides Tampa · 2024
CareerDetection EngineeringBlueTalk
Open →2024-05
29:14
Alex Kirk - Incident response and threat hunting using Bro/Zeek data
Alex Kirk
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTechnical Deep-dives+1
Open →2019-10
48:34
Using DeTT&CT and the MITRE ATT&CK Framework to Assess Your Security Posture
David Branscome
BSides Knoxville · 2022
TechnicalDetection EngineeringThreat ModelingIntermediaryBlueDemoTalk
Open →2022-05
25:10
Finetuning Large Language Models (LLMs) for Security Log Detections
Wilson Tang
BSidesSF · 2024
TechnicalAI SecurityDetection EngineeringThreat IntelTalk
Open →2024-07
27:48
Team Threat Hunting with AI and Automation
Kenneth Peeples
BSides Charleston · 2024
TechnicalAI SecurityContainer SecurityDetection EngineeringThreat IntelTalk
Open →2024-11
41:24
BSides Perth Day 1 (Part 2)
BSides Perth · 2021
TechnicalDFIRDetection EngineeringMalware AnalysisTalk
Open →2021-09
31:52
A Case Study of MacOS Supply Chain Compromise
Jason CraigMichael George
BSidesSF · 2018
TechnicalDetection EngineeringMalware AnalysisSupply Chain SecurityBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2018-04
41:49
Prioritising your security work using MITRE ATT&CK
Floris Ladan
BSides Tallinn · 2022
TechnicalDetection EngineeringThreat IntelThreat ModelingIntermediaryBlueTalk
Open →2022-10
45:48
One Technique, Two Techniques, Red Technique, Blue Technique: Operationalizing MITRE ATT&CK
Jamie WilliamsDaniel Weiss
BSides DC 2018
TechnicalDetection EngineeringThreat IntelThreat ModelingTalk
Open →2018-11
45:41
Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
Mark Parsons
BSides Charleston · 2024
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2024-11
49:48
AV Evasion - How Adversaries Aim to Bypass Antivirus Tools
Marvin Ngoma
BSides Joburg · 2024
TechnicalDetection EngineeringMalware AnalysisDemoTalk
Open →2024-08
23:55
A Study on Intrusion Detection Systems with a Practical Experiment on Snort - Vigneshwar Sethuraman
Vigneshwar Sethuraman
BSides Vancouver · 2021
TechnicalDetection EngineeringNetwork SecurityIntermediaryCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2021-06
8:26:49
Thinking Outside the SOC: Structured Analytical Techniques for the Overloaded Cyber Analyst
Haley BeamAlina Thai
BSides Las Vegas · 2025
TechnicalDFIRDetection EngineeringThreat IntelTalk
Open →2025-08
50:00
Hunting PowerShell Attacks on The Open Internet
Paul Melson
BSides Augusta · 2019
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2019-10
37:47
Don't Google 'PowerShell Hunting'
Josh RykowskiSean Eyre
BSides Augusta · 2017
TechnicalDFIRDetection EngineeringMalware AnalysisTalk
Open →2017-09
53:12
AI and Machine Learning in Network Security - Igor Mezic
Igor Mezic
BSides KC · 2022
ResearchTechnicalAI SecurityDetection EngineeringNetwork SecurityTalk
Open →2022-10
1:02:52
eBPF For Security Monitoring
James Ogden
BSides Leeds · 2019
TechnicalDetection EngineeringMalware AnalysisNetwork SecurityDemoTalk
Open →2019-01
44:08
From Soup To Nuts: Building A Detection-as-Code Pipeline - David French
David French
BSides Dublin · 2024
TechnicalDetection EngineeringIntermediaryBlueTalk
Open →2024-06
33:15
Keynote: Winning the AI Race: Verifiability is All You Need
Sergej Epp
BSides Frankfurt · 2025
TechnicalAI SecurityDetection EngineeringThreat ModelingTechnical Deep-divesKeynote
Open →2025-12
22:49
Scaling Amazon GuardDuty: A Comprehensive Detection Strategy
Avinash Reddy ThummaAmin
BSides Ahmedabad · 2025
TechnicalCloud IAMDetection EngineeringThreat IntelTalk
Open →2025-05
50:02
Hunting Supply Chain Threats Using Anomaly Detection
Craig Chamberlain
BSidesSF · 2023
TechnicalCloud IAMDetection EngineeringSupply Chain SecurityCase Studies and Incidents AnalysisMethodologyTalk
Open →2023-05
1:05:35
A Deep Look into a Chinese Advanced Attack
Michael Gough
BSides DC · 2015
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2015-12
37:15
How to Train Your Detection Dragon
Geet Pradhan
BSidesSF · 2025
TechnicalDetection EngineeringBlueTalk
Open →2025-10
42:06
Attacking Microsoft Exchange: Fusing LightNeuron with Cobalt Strike
Leon Jacobs
BSides Cape Town · 2023
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringAdvancedPurpleRedTalk
Open →2023-12
40:55
Quando o Simples Vence: Anatomia Real dos Ataques que Continuam Funcionando
Ricardo Tavares
BSides São Paulo · 2025
War StoriesActive DirectoryDetection EngineeringMalware AnalysisThreat IntelBluePurpleCase Studies and Incidents Analysis+1
Open →2025-06
36:45
Testing Security Solutions with Atomic Red Team
Michael Haag
BSides Knoxville · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-04
24:38
Automating Event Log Production & Testing for SIEM Detection
Alek Rollyson
BSides Augusta · 2017
TechnicalDetection EngineeringToolingBlueTalk
Open →2017-09
28:33
Hack the system: exploring libpam with uprobes and eBPF
Peter McConnell
BSides Belfast · 2025
TechnicalDetection EngineeringReverse EngineeringAdvancedDemoTalk
Open →2025-02
55:33
Using MITRE D3FEND to Defend Against Cyber Threats
Jacek GrymuzaKacper Zariczny
BSides Warsaw · 2024
TechnicalDetection EngineeringNetwork SecurityThreat ModelingBlueTalk
Open →2024-07
46:01
Drop It Like It's Qbot: Detecting Initial Execution Earlier with OSINT
Stef Rand
BSides Augusta · 2023
TechnicalDetection EngineeringMalware AnalysisOSINTThreat IntelBlueTalk
Open →2023-10
32:39
Unpacking Impacket: Detect remote execution of offensive tools
Tyler Bohlmann
BSides SLC · 2022
TechnicalActive DirectoryDFIRDetection EngineeringBlueTalk
Open →2023-01
8:18:26
2025 B-Sides
Robert Percy
BSides St. John's · 2025
TechnicalAI SecurityDetection EngineeringSupply Chain SecurityKeynote
Open →2025-09
45:17
PowerShell Is Dead – Epic Learnings
Ben TurnerDoug McLeod
BSides Scotland · 2019
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringAdvancedRedTalk
Open →2019-06
39:24
5 Gaps Exposed In 30+ Real-World Tabletop Exercises - Ashu Savani
Ashu Savani
BSides London · 2025
ResearchTechnicalDetection EngineeringCase Studies and Incidents AnalysisEmpirical ResearchTalk
Open →2026-03
49:46
Project DiSIEM
Ana RespícioFernando AlvesAlysson BessaniPedro Ferreira
BSides Lisbon · 2018
TechnicalDetection EngineeringOSINTThreat IntelTechnical Deep-divesTalk
Open →2018-12
14:30
LLM-Powered Network Intrusion Detection
Taeyang Kim
BSides SLC · 2025
TechnicalAI SecurityDetection EngineeringNetwork SecurityBlueTalk
Open →2025-06
37:55
Simple Data Exfiltration in a Secure Industry Environment
Phil Cronin
BSides Boston · 2016
TechnicalWar StoriesDetection EngineeringNetwork SecurityThreat IntelRedTalk
Open →2016-08
42:42
Open Source Intelligence Based Intrusion Detection System
Ivo Vacas
BSides Lisbon · 2018
TechnicalDetection EngineeringOSINTThreat IntelBlueTalk
Open →2018-12
47:23
Open Source GitOps for Detection Engineering
Zach Wasserman
BSides Las Vegas · 2023
TechnicalDetection EngineeringDevSecOpsBlueDemoTalk
Open →2023-10
18:48
Think You're Stealthy? How to Detect Attacks in AD
Rachit AroraSai Sathvik RuppaAakash Raman
BSides Charm · 2025
TechnicalActive DirectoryDFIRDetection EngineeringIntermediaryBlueTalk
Open →2025-05
32:15
Security Lessons Learnt From The Cloud Frontline - Ben Fletcher
Ben Fletcher
BSides Belfast · 2024
TechnicalCloud IAMDetection EngineeringThreat IntelCase Studies and Incidents AnalysisTalk
Open →2024-03
1:57:51
BSides LV 2023 - Proving Ground - Tuesday
Yuval ZakariaNicholas Carroll
BSides Las Vegas · 2023
TechnicalDetection EngineeringMalware AnalysisOSINTReverse EngineeringTalk
Open →2023-08
37:13
Take Down Cyberthreat Dwell Time With Optimum Security
Eric Payne
BSides Vancouver · 2021
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2021-06
21:18
Understanding the Latest MITRE ATT&CK Evaluation Data
Norm Chan
BSides Vancouver · 2021
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2021-06
49:21
PW - Detecting Credential Abuse
Troy DeftyKathy Zhu
BSides Las Vegas
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2024-09
55:44
Fernando Tomlinson - Gaining 20/20 vision during an incident with PowerShell
Fernando Tomlinson
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2019-10
43:49
SplunkGPT: Fine-tuning GPT-3 for Detection Engineering
Jake CoyneAndrew Gomez
BSides Augusta · 2023
TechnicalAI SecurityDetection EngineeringToolingTalk
Open →2023-10
19:06
Tired of Playing Exploit Kit Whack-A-Mole? Let's automate
Anjum Ahuja
BSidesSF · 2017
TechnicalDetection EngineeringMalware AnalysisVulnerability ResearchTechnical Deep-divesTalk
Open →2017-03
35:12
Using BloodHound as a Defender: Tips from the Red Team
Andrew McNicol
BSides Charm · 2024
TechnicalActive DirectoryDetection EngineeringThreat ModelingBlueTalk
Open →2024-06
41:27
Fundamentals That Time Forgot
Troy Jessup
BSides SLC · 2015
TechnicalDetection EngineeringNetwork SecurityIntroTalk
Open →2015-04
43:16
Testing Endpoint Security Solutions with Atomic Red Team
BSides Asheville · 2018
TechnicalDetection EngineeringThreat ModelingIntermediaryBluePurpleMethodologyDemo
Open →2019-03
44:06
BG - The Fault in Our Metrics: Rethinking How We Measure Detection & Response
Allyn Stott
BSides Las Vegas
TechnicalDetection EngineeringBlueTalk
Open →2024-09
22:43
The Math Behind Threat Hunting: Find Attacks Hidden in Your Logs
Ekpe Edidiong
BSides SLC · 2026
TechnicalDetection EngineeringThreat IntelIntermediaryBlueTalk
Open →2026-04
40:28
Slipping The Net: Qakbot, Emotet And Defense Evasion
Cian Heasley
BSides Cambridge · 2024
TechnicalDetection EngineeringMalware AnalysisSocial EngineeringBlueTalk
Open →2024-01
47:22
Secrets of the Second Factor: Threat Hunting with Multi-Factor Authentication
Susan Paskey
BSides Las Vegas · 2022
TechnicalDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTalk
Open →2022-09
43:57
MS SQL Super Quality Logs
Tristan
BSides Perth · 2023
TechnicalDetection EngineeringThreat IntelIntermediaryBlueMethodologyTechnical Deep-divesTalk
Open →2023-08
57:04
Network Segmentation without a Network Engineer
Mike Burns
BSides Charm · 2024
TechnicalActive DirectoryDetection EngineeringNetwork SecurityTalk
Open →2024-06
45:01
How to Fight DDoS Attacks from the Command Line
Michael McMahon
Bsides CT · 2025
TechnicalDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2026-01
22:10
Code C.A.I.N – Keeping Your Source Code Under Control
Rotem Reiss
BSides TLV · 2022
TechnicalDetection EngineeringOSINTSupply Chain SecurityTalk
Open →2022-07
48:43
Applying Data Science to Identify Malicious Actors in Enterprise Logs
Balaji Balakrishnan
BSides DC · 2016
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2016-10
50:37
Enemy Within: Leveraging Purple Teams for Advanced Threat Detection & Prevention
Jayson GraceAdam Bradbury
BSides Las Vegas · 2023
TechnicalDetection EngineeringThreat IntelThreat ModelingPurpleCase Studies and Incidents AnalysisMethodologyTalk
Open →2023-10
29:35
How I Learned to Stop Worrying and Build a Modern Detection & Response Program
Allyn Stott
BSides Toronto · 2023
TechnicalDetection EngineeringThreat ModelingBlueMethodologyTalk
Open →2023-11
View all 422 talks tagged Detection Engineering →