2025-06-19, Main Stage
There's a storm brewing in the SecOps world: from an ocean of noise, a new breed is emerging, the Detection and Response Engineers.
What are we even doing with the SOC? We're still mostly dealing with false positives, running outdated analyst tiers that lead to burnout, and SIEMs are still hard-to-tame monsters. And yet, we still don't really grasp our detection coverage, nor are we really efficient at adopting SOARs. But there's a new trend emerging, the Detection and Response Engineer.
SOCs worldwide are facing a hard transition: from an analyst organization, responding to events, to an engineering organization, proactively building systems with an emphasis on automation from the start. Detection Engineering is being increasingly adopted, and SOAR practices are being generalized to Response Engineering.
In this session, we will peer into an engineering future for SOCs, where teams are smaller, more expert, tech-centric, and laser-focused on key capabilities with less externalization of human effort.
Threat Detection and Response Freelancer, working with SecOps teams worldwide to improve their maturity and build better technical systems. Creator and Maintainer of OpenTIDE.
Expertise:
- SecOps HyperAutomation
- Threat Detection & Response Engineering
- Security Operations Architecture
- Engineering and Implementation
- Autonomous SOC DevOps (Continuous Detection/Continuous Response)
- Threat & Attack Intelligence