Detection Engineering with Google Cloud

Detection rules aren’t just for fun—they’re critical for securing cloud environments. But are you using them the right way? In this episode, Ashish Rajan sits down with David French, Staff Adoption Engineer for Security at Google Cloud, to break down how organizations can scale Detection as Code across AWS, Azure, and Google Cloud. - Why prevention isn’t enough—and how detection fills the gap - The biggest mistakes in detection rules that could blow up your SOC - How to scale detections across hundreds (or thousands) of cloud accounts - The ROI of Detection as Code—why security leaders should care - Common low-hanging fruit detections every cloud security team should implement David has spent over a decade working in detection engineering, threat hunting, and building SIEM & EDR products. He shares real-world insights on how companies can improve their detection strategies and avoid costly security missteps. Questions asked: 00:00 Introduction 03:06 What is Detection as Code? 03:41 What was before Detection as Code? 05:36 Business ROI for doing Detection as Code? 07:49 Building Security Operations in Google Cloud 12:41 Threat Detection for different type of workload 14:54 What is Google SecOps? 20:36 Different kinds of Detection people can create 24:46 Scaling Detection across many Google Cloud accounts 28:47 The role of Data Pipeline in Detection 31:44 Detections people can start with 34:14 Stages of maturity for detection 36:43 Skillsets for Detection Engineering 39:32 The Fun Section -------------------------------------------------------------------------------- 📱Cloud Security Podcast Social Media📱 _____________________________________ 🛜 Website: https://cloudsecuritypodcast.tv/ 🧑🏾‍💻 Cloud Security Bootcamp - https://www.cloudsecuritybootcamp.com/ ✉️ Cloud Security Newsletter - https://www.cloudsecuritynewsletter.com/ Twitter: https://twitter.com/CloudSecPod LinkedIn: https://www.linkedin.com/company/Cloud-security-podcast #cloudsecurity #googlecloud #threatdetection