Detection Engineering Lead

Keshia LeVan

Keshia likes building tools with Ruby and Python, is mocked for her Splunk obsession, and spends too much time playing with logs and JSON to develop security content (or at least pretty graphs). She's worked in several SOCs, triaging alerts and analyzing EDR data before focusing more on security engineering.
 
Driving Efficacy Through Detector Tuning: a Deeper Dive Into Detection Engineering
 
Using Alternate Data Streams to Bypass User Account Controls
 
Alert Fatigue: How to Tune Out the Noise and Reclaim Your Hours
 
Old Phishing Attacks Deploy a New Methodology: Verclsid.exe
 
Whitelist Evasion Example: Threat Detection #723
 
Bypassing Application Whitelisting: How IT Teams Can Detect It