Summary: The video is a conversation between Gerald Auger and Hayden Covington, the SecOps lead at Black Hills Information Security, focusing on detection engineering and security operations. Hayden shares his extensive background in cybersecurity, his experience with incident response, and insights into building effective detection practices within security operations centers (SOCs).

Keypoints:

  • Gerald Auger hosts the Simply Cyber Firesides and introduces Hayden Covington as a guest.
  • Hayden has significant experience in security operations, incident response, and detection engineering.
  • He coordinates SOC operations, leads incident response efforts, and mentors aspiring security analysts.
  • Hayden emphasizes that detection engineering doesn’t have to be complex and encourages starting with simple detections.
  • He stresses the importance of balancing detection coverage against alert noise to reduce fatigue in security teams.
  • Hayden discusses the significance of networking knowledge alongside detection engineering skills.
  • The conversation highlights the use of AI in detection engineering while cautioning against relying solely on automation.
  • Hayden offers free courses on detection engineering, encouraging those interested to participate, regardless of their financial situation.
  • Hayden emphasizes the collaborative culture between SOC analysts and pentesters at Black Hills, aiming for collective improvement in security practices.
  • The future of SOCs may see a decrease in roles due to AI, but the necessity for human involvement remains critical.
  • YouTube Video: https://www.youtube.com/watch?v=otjjPnNFFXo
    YouTube Channel: Simply Cyber – Gerald Auger, PhD
    Video Published: Fri, 25 Apr 2025 09:40:49 +0000