Detection Engineering Weekly | Zack Allen | Substack

DEW #150 - macOS Endpoint Security Firewall, EDR telemetry updates & Supply Chain Bonanza

pls no more OSS compromises

READ THE LATEST

Most Popular

What is a Detection Engineer?

Jun 20, 2025 • Zack Allen

What is Detection Rule Efficacy?

Jul 18, 2025 • Zack Allen

What are Composite Detections?

Jan 7 • Zack Allen

What are Atomic Detection Rules?

Dec 15, 2025 • Zack Allen

Recent posts

DEW #149 - Roll your own Sigma SIEM, Stryker Breach and New Branding!

if anyone wants to see my pinterest mood board hmu

Mar 18 • Zack Allen

DEW #148 - Detection Pipeline Maturity, GenUI for Log Analysis and Hunting Kali in Splunk

happiness is when the temperature is above 40F/4C

Mar 11 • Zack Allen

DEW #147 - Flying Blind with your Logs, MAD lads and Z-scores & How Reddit Does Threat Detection

I need a beach vacation asap

Mar 4 • Zack Allen

DEW #146 - The logs are lying, my latest post on Agentic Security & re-tooling security for speed

I could use a beach and a mojito rn

Feb 25 • Zack Allen

Knowing what good looks like in agentic security

The peak is higher, but the climb is faster

Feb 19 • Zack Allen

DEW #145 - Modified Z-Score for Anomaly Detection, Watermarking for Audit Logs -> SIEM and Zack gives you all an RFC for homework

You must write "I will not write a detection rule for IP addresses" 1000 times

Feb 11 • Zack Allen

DEW #144 - Pyramid of Permanence and 🦞OpenClaw 🦞 Security Dumpster Fires

Lobster never tasted so good

Feb 4 • Zack Allen

DEW #143 - Suppressing False Positives at Scale, Silencing EDRs & Detection Fidelity via Social Network Analysis

snowmageddon has hit the Northeast US

Jan 28 • Zack Allen

DEW #142 - Slack's Agentic Triage Architecture, Detection <3's Data and Sigma evals

bills lose and now the team's imploding

Jan 21 • Zack Allen

Detection Engineering Weekly

Detection Engineering Weekly

The latest news and how-tos in detection engineering

Recommendations

James Berthoty

Eric’s Substack

Eric Capuano

Bug-eyed and Shameless

Justin Ling

THOR Collective Dispatch

Sydney Marrone

Venture in Security

Ross Haleliuk

Detection Engineering Weekly

The latest news and how-tos in detection engineering

About Archive Recommendations Sitemap

Detection Engineering Weekly

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts