Goblin Loot

Introduction Detection engineering underpins half of the entire cybersecurity industry but remains only ever softly spoken about or kept in some corner of the conference. So I've started this diary to capture the work I do in my roles and demonstrate different best practices implemented into the real world. This diary has five goals set: share with people the complexity of working in detection engineering highlight best practice and how it fits share candid details on inter-team work and break/fix tasks ensure every entry has something that can be used immediately by other people keep the format like diary with no formal structure and a personal tone Note: The content I generate will be sanitised but will avoid high level overviews. I hope other detection engineers enjoy my pain with me and new aspirants become engorged with new ideas. Starting Slowly.. This entry was made at the start of the week and so I spent time running my regular reporting. I run reporting and metrics...