The Always-On Purple Team: Automated CI/CD for Detection Engineering

Discover an innovative approach to cybersecurity in this 49-minute conference talk from the RSA Conference. Learn how to build an "always-on purple team" through a cutting-edge architecture that combines leading SOC technologies, SIEM/XDR, SOAR, BAS, and ChatGPT. Explore the creation of a detection engineering CI/CD pipeline capable of automatically generating, testing, and deploying detection analytics. Join presenters Stephen Sims, Offensive Operations Curriculum Lead and Fellow at SANS Institute, and Erik Van Buggenhout, Director at NVISO & SANS Institute, as they share valuable insights and provide a live demonstration of this groundbreaking system in action.