Detection Engineering Lead

Keshia LeVan

Keshia likes building tools with Ruby and Python, is mocked for her Splunk obsession, and spends too much time playing with logs and JSON to develop security content (or at least pretty graphs). She's worked in several SOCs, triaging alerts and analyzing EDR data before focusing more on security engineering.
Driving Efficacy Through Detector Tuning: a Deeper Dive Into Detection Engineering
Using Alternate Data Streams to Bypass User Account Controls
Alert Fatigue: How to Tune Out the Noise and Reclaim Your Hours
Old Phishing Attacks Deploy a New Methodology: Verclsid.exe
Whitelist Evasion Example: Threat Detection #723
Bypassing Application Whitelisting: How IT Teams Can Detect It