『Detection Dispatch (Alex's Version)』のカバーアート

Detection Dispatch (Alex's Version)

Detection Dispatch (Alex's Version)

著者: Alex Hurtado
無料で聴く

Detection Dispatch (Alex's Version) is an independent detection engineering & threat hunting podcast. Rebuilt. Community-first. Featuring a lineup of the real and active projects pushing the limits of detection engineering, threat hunting, and everything in between.


© 2026 Detection Dispatch (Alex's Version)
エピソード
  • What Headless Actually Means feat. Maxime Lamothe-Brassard Founder of LimaCharlie
    2026/07/07

    The definition of headless is taking shape. More software is shipping with an MCP. Teams are starting to require it in procurement. Your CLI and Claude Code can now talk directly to the tools you already run.

    LimaCharlie was one of the first platforms in the SOC to build everything through the command line....long before the post-Claude boom. Maxime Lamothe-Brassard (their founder) joins Dispatch to explore what going headless actually means for security operations.

    In this episode we get into:

    • What headless actually means mechanically and why it's a very old computing idea security is only now fully inheriting
    • Why the UI becoming optional levels the playing field and kills the faith-based vendor pitch
    • The eager intern problem: permissions control what an agent is allowed to do, not whether its answer is right
    • Why passing the MCP boundary and trusting the LLM on the other side is a front door left wide open
    • GPT wrappers vs. real headless infrastructure: who owns the detection logic and who's just reselling tokens
    • The customer who told their MSSP they'd rather their CEO get locked out for 30 minutes than wait on a human to respond
    • The one thing Max won't let a headless agent do...ever

    Follow Max's work on:

    • limacharlie.io | limacharlie.io/blog
    • LinkedIn: linkedin.com/in/maximelb
    • Free Build Your Own Headless SOC Workshop with BlackHills Infosec @ BlackHat, August 5, 2026 https://luma.com/black-hat-headless-soc-workshop?tk=crcMy4

    Detection Dispatch (Alex's Version) is an independent detection engineering & threat hunting podcast. Rebuilt. Community-first. Featuring a lineup of the real and active projects pushing the limits of detection engineering, threat hunting, and everything in between.

    続きを読む 一部表示
    48 分
  • Words are Cheap. Sense Making is Not..feat. Diego Perez
    2026/06/04

    What happens when a philosopher walks into a SOC? Apparently, he builds one from the ground up, spends a decade making sense of detection engineering across financial services, global IR teams, and now Canva.

    Diego Perez is a detection engineer who studied philosophy, taught himself security at 2am with a newborn in the other room, and has been quietly writing some of the sharpest unsloppy takes on the internet about what detection engineering actually is versus what we pretend it is. His blog Quasarops lives by one rule: words are cheap, sense making is not.

    We hit on:

    • Why "garbage in, garbage out" is a heuristic that stops short of actually helping anyone
    • The Cynefin framework and why knowing which detections you need lives in the complex domain, not the complicated one
    • Detection as code: is it overrated now that coding agents exist, or are we asking the wrong question entirely
    • The Red Queen effect, Jevons' paradox, and why you do actually need AI in your SOC whether you like it or not
    • Agentic threat hunting: whose tokens do you trust, yours or a vendor's black box
    • Why the human element is more important than ever, and who exactly gets blamed when the model gets it wrong

      Follow Diego's substack: https://quasarops.com

    Detection Dispatch (Alex's Version) is an independent detection engineering & threat hunting podcast. Rebuilt. Community-first. Featuring a lineup of the real and active projects pushing the limits of detection engineering, threat hunting, and everything in between.

    続きを読む 一部表示
    1 時間 8 分
  • DE on Mac Finally Has a Champion. Her name is Olivia Gallucci.
    2026/05/30

    macOS detection engineering has had a documentation problem for years. Everyone told Olivia Gallucci she was locking herself into a platform nobody cared about. Then infostealers showed up, enterprise Mac fleets exploded, and suddenly her work was the most in-demand research nobody knew existed.

    Olivia is a security engineer at Datadog living inside macOS internals...from Apple Silicon boot chain to ESF event families to IOKit abuse....and she is single-handedly dragging macOS DE into the light.

    In this episode we get into:

    • Why you can't just flag osascript anymore and what to look at instead
    • The process tree trap that trips up every Windows-native DE who crosses over
    • Background Task Management: the persistence metadata everyone's sleeping on
    • Living off the Orchard binaries
    • Why your EDR is abstracting macOS telemetry from you and what to do about it
    • Jonathan Levin's books, Jaron Bradley's Sprite Tree, and the resources that actually matter

    Follow Olivia's work on:

    • oliviagallucci.com | [ret]2read — An OS Internals Newsletter (Substack)
    • LinkedIn: linkedin.com/in/olivia-gallucci
    • 2026 main stage at BlackHat

    Detection Dispatch (Alex's Version) is an independent detection engineering & threat hunting podcast. Rebuilt. Community-first. Featuring a lineup of the real and active projects pushing the limits of detection engineering, threat hunting, and everything in between.

    続きを読む 一部表示
    37 分
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません