Detection Engineering Weekly

Detection Engineering Weekly

Home
Notes
Field Manual
Archive
Leaderboard
About

Sitemap - 2026 - Detection Engineering Weekly

DEW #157 - Shai Hulud Goes Open Source, How Anthropic uses Claude and Underground Internet Cables

DEW #156 - Putting Detection Coverage on Blast, SOC Metrics Stink and the decline of cool Windows Malware

DEW #155 - Gems from the 2026 Trenches

DEW #154 - Mythos <> Firefox hype, RSigma gets an uplift, Detection-as-Code is overrated and TeamPCP Strikes Again

DEW #153 - New IPv8 Draft, macOS Threat Detection LLM Evals & Canaries in your CI/CD Pipeline

DEW #152 - Celebrating Gaps in Detection Coverage, Threat Hunting on Teams & OpenAI Axios post-mortem

DEW #151 - The Security Cognitive Rust Belt, Music Streaming Fraud & the Axios Incident Post-Mortem

DEW #150 - macOS Endpoint Security Firewall, EDR telemetry updates & Supply Chain Bonanza

DEW #149 - Roll your own Sigma SIEM, Stryker Breach and New Branding!

DEW #148 - Detection Pipeline Maturity, GenUI for Log Analysis and Hunting Kali in Splunk

DEW #147 - Flying Blind with your Logs, MAD lads and Z-scores & How Reddit Does Threat Detection

DEW #146 - The logs are lying, my latest post on Agentic Security & re-tooling security for speed

Knowing what good looks like in agentic security

DEW #145 - Modified Z-Score for Anomaly Detection, Watermarking for Audit Logs -> SIEM and Zack gives you all an RFC for homework

DEW #144 - Pyramid of Permanence and 🦞OpenClaw 🦞 Security Dumpster Fires

DEW #143 - Suppressing False Positives at Scale, Silencing EDRs & Detection Fidelity via Social Network Analysis

DEW #142 - Slack's Agentic Triage Architecture, Detection <3's Data and Sigma evals

DEW #141 - K8s Detection Engineering, macOS EDR evasion, Cloud-native detection handbook

What are Composite Detections?

© 2026 Zack 'techy' Allen · Privacy ∙ Terms ∙ Collection notice
Start your SubstackGet the app
Substack is the home for great culture