Detection Engineering That Scales: Practical Strategies for Resilient, Maintainable Security Operations

On-Demand

Modern threat detection teams face a critical challenge: developing, implementing, and maintaining effective detection rules efficiently and strategically amid a rapidly evolving threat landscape and resource limitations.

Meeting this challenge requires strong collaboration across analysts, engineers, and intelligence teams; smarter use of contextual data to refine decision-making; and structured, code-driven approaches that bring consistency and automation to detection workflows. By combining threat-informed design, continuous validation, and risk-based alerting, teams can reduce noise, enhance visibility, and ensure detections remain relevant as their environments evolve.

Watch the on-demand webinar as SANS Senior Instructor Erik Van Buggenhout, Splunk’s Director of Product Management Tim Nary, and NVISO Detection Engineering SME Stamatis Chatzimangou explore the strategies behind effective detection engineering.

This session also highlights where the field still struggles: detection maintenance, performance analytics, and risk-based alerting. A focus area will be how emerging technologies like AI can assist practitioners without replacing their expertise. The outcome: a clear, practical understanding of how to evolve detection operations from reactive and fragmented to proactive, measurable, and sustainable.

In this session, you’ll gain practical insight into how security teams are approaching detection engineering at scale, including how to:

    • Build and maintain high-quality detections that remain effective as environments, data volumes, and threat landscapes grow
    • Apply structured, threat-informed practices—including frameworks like MITRE ATT&CK—to improve detection relevance and reduce alert noise
    • Measure and evolve detection effectiveness over time, using performance signals to continuously refine and sustain your detection program

    Watch the on-demand webinar to learn how security teams are building detection engineering practices that scale and stay effective over time.

    Our Speakers


    Erik Van Buggenhout

    Senior Instructor, SANS

    Tim Nary

    Director of Product Management, Splunk

    Stamatis Chatzimangou

    Detection Engineering SME, NVISO

    Jordan Camba

    Software Engineering Technical Leader, Splunk

    https://www.linkedin.com/in/jcsecurity/
