Modern threat detection teams face a critical challenge: developing, implementing, and maintaining effective detection rules efficiently and strategically amid a rapidly evolving threat landscape and resource limitations.
Meeting this challenge requires strong collaboration across analysts, engineers, and intelligence teams; smarter use of contextual data to refine decision-making; and structured, code-driven approaches that bring consistency and automation to detection workflows. By combining threat-informed design, continuous validation, and risk-based alerting, teams can reduce noise, enhance visibility, and ensure detections remain relevant as their environments evolve.
Join SANS Senior Instructor Erik Van Buggenhout, Splunk’s Director of Product Management Tim Nary, and NVISO Detection Engineering SME Stamatis Chatzimangou on February 25, 2026, at 1:00 PM ET as they explore effective detection engineering.
The webcast also highlights where the field still struggles: detection maintenance, performance analytics, and risk-based alerting. A focus area will be how emerging technologies like AI can assist practitioners without replacing their expertise. The outcome: a clear, practical understanding of how to evolve detection operations from reactive and fragmented to proactive, measurable, and sustainable.
Why Register?
- Learn from experts how to build and maintain a sustainable, high-quality detection engineering function that keeps pace with the modern threat landscape.
- Gain insight into which practices truly work today:
- Fostering collaboration across SOC, threat intelligence, and engineering teams
- Applying adversary frameworks like MITRE ATT&CK (with intent rather than as a checklist)
- Using contextual enrichment to sharpen alert fidelity and triage speed
- Earn 1 CPE credit
- Submit questions to event speakers (when attending live)
- Flexible attendance (attend live or watch on your own time)
