Purple Teaming with Detection-as-Code for Modern SIEM

Mar 23, 2023
5:00 PM - 6:00 PM EST

Speaker: Ken Westin, Security Strategist

Ken Westin is a Security Strategist at Panther. Ken has been in the security field for over 15 years, working with companies to increase their security posture through threat hunting, insider threat programs, and security research. In the past, he has worked closely with law enforcement, helping to unveil organized crime groups. His work has been featured in Wired, Forbes, New York Times, and Good Morning America, among others, and he is regularly reached out to as an expert in cybersecurity, cybercrime, and surveillance.

One of the challenges for security teams is writing and deploying detections that generate actionable alerts with appropriate context. When new detections are written, it can be difficult to test whether they will work in a real threat scenario. 

In this session, we will walk through multiple methods to test detections leveraging a detection-as-code mindset. We will then take a deeper dive into purple team concepts showing how adversary emulation and offensive security tools can be used to test, tune, and create detections with the power of a Security Data Lake. 

Attendees will walk away from this session with a better understanding of what purple teaming is, how it differs from red and blue team engagements, and an arsenal of open-source tools and techniques they can apply to their own detections immediately.

In addition to great conversations, TechTalk's Sommelier will walk guests through a virtual tasting following the presentation. All attendees will be entered into a raffle to win a rare bottle of wine at the end of the event.