One more idea that has been bugging me for years is the idea of “detection as code.” Why is it bugging…
My old $employer blog has vanished and a lot of content of value to the community went down with it. Naturally, I do not own the IP and I cannot go to archive.org and bring it back to life.
A lot of people ask me how Chronicle is doing inside Google Cloud (TLDR: doing well), and I wanted to share some good news. I also wanted to reveal some of our lessons from building our threat detection capabilities (that we just released).