Detection Engineering Weekly

DEW #147 - Flying Blind with your Logs, MAD lads and Z-scores & How Reddit Does Threat Detection

I need a beach vacation asap

Mar 4 • Zack Allen

5

February 2026

DEW #146 - The logs are lying, my latest post on Agentic Security & re-tooling security for speed

I could use a beach and a mojito rn

Feb 25 • Zack Allen

7

2

Knowing what good looks like in agentic security

The peak is higher, but the climb is faster

Feb 19 • Zack Allen

15

2

DEW #145 - Modified Z-Score for Anomaly Detection, Watermarking for Audit Logs -> SIEM and Zack gives you all an RFC for homework

You must write "I will not write a detection rule for IP addresses" 1000 times

Feb 11 • Zack Allen

5

DEW #144 - Pyramid of Permanence and 🦞OpenClaw 🦞 Security Dumpster Fires

Lobster never tasted so good

Feb 4 • Zack Allen

15

3

2

January 2026

DEW #143 - Suppressing False Positives at Scale, Silencing EDRs & Detection Fidelity via Social Network Analysis

snowmageddon has hit the Northeast US

Jan 28 • Zack Allen

12

1

DEW #142 - Slack's Agentic Triage Architecture, Detection <3's Data and Sigma evals

bills lose and now the team's imploding

Jan 21 • Zack Allen

9

1

DEW #141 - K8s Detection Engineering, macOS EDR evasion, Cloud-native detection handbook

Happy New Year! Did you miss me?

Jan 14 • Zack Allen

7

1

3

What are Composite Detections?

Atomic Detection rules are critical building blocks for a detection engineering function.

Jan 7 • Zack Allen

29

2

4

December 2025

What are Atomic Detection Rules?

The first and last rules you'll likely write :)

Dec 15, 2025 • Zack Allen

26

1

1

DEW #140 - SVG Filter ClickJacking, Detection Engineering "Onboarding" and React2Shell spotlight

my detection unc status is probably at an all time high and i'm here for it

Dec 10, 2025 • Zack Allen

10

1

DEW #139 - Detection Surface, Frontier Models are good at SecOps & THREE YEAR ANNIVERSARY!

I graduated from the terrible twos to a threenager

Dec 3, 2025 • Zack Allen

9

1