The Always-On Purple Team: An Automated CI/CD for Detection Engineering


Posted on in Presentations

These speakers will share tips on building the always-on purple team! This session will present an innovative architecture that merges industry-leading SOC technologies, SIEM/XDR, SOAR, BAS, and a pinch of ChatGPT. The result is a detection engineering CI/CD pipeline that can automatically create, test, and deploy detection analytics. The proof is in the pudding: Live demo included!

Participants
Stephen Sims

Speaker

Offensive Operations Curriculum Lead and Fellow, SANS Institute

Erik Van Buggenhout

Speaker

Director, NVISO & SANS Institute


Share With Your Community