Thanks for this insightful article. I'm just left wondering: what about ML? The use case seems attractive, since the rules to flag suspicious "behavioural patterns" would not even need to be written by someone. The sheer amount of logs considered also seems to indicate that it is a good fit. I imagine there are already companies betting on that to improve the quality of security signals across the organization.
Don't you think that detection engineering will be more influenced by data engineering in the future?
Hi Jack,
Thanks for this insightful article. I'm just left wondering: what about ML? The use case seems attractive, since the rules to flag suspicious "behavioural patterns" would not even need to be written by someone. The sheer amount of logs considered also seems to indicate that it is a good fit. I imagine there are already companies betting on that to improve the quality of security signals across the organization.
Don't you think that detection engineering will be more influenced by data engineering in the future?