Sprinklr’s Roger Allen on Why Vendor Telemetry Only Gets You 90% There

from Ahead of the Breach · host Sprocket

Modern attackers have abandoned obvious indicators and now mimic legitimate engineering activities so closely that traditional detection methods fail. Roger Allen, Sr. Director, Global Head of Detection & Response at Sprinklr, has watched this evolution firsthand. He gives Casey the rundown of how his team's response involves outcome-based detection strategies that focus on what attackers accomplish rather than the specific actions they take to get there. But detection is only part of the equation. From transforming UBA alerts into contextualized "events of interest" that correlate across the MITRE framework to implementing breach response scenarios that consider cloud-native production implications, Roger shares tactical approaches that bridge the gap between red team thinking and blue team operations. Topics discussed: Why focusing on what attackers accomplish rather than individual actions creates more effective monitoring as threat actors become increasingly sophisticated in mimicking legitimate engineering activities. Filling the critical 10-20% gap in security coverage through business context enrichment and custom detection logic that vendors can't provide. Converting traditional user behavior analytics from noise-generating alerts into correlated "events of interest" that map to MITRE kill chain stages for dynamic alert prioritization. Systematic approaches to removing unnecessary tools like Netcat and Telnet while creating contextual detections for essential utilities. Building tier-based response frameworks that account for production disruption risks when containing threats in environments where simply isolating hosts could shut down customer-facing services. Implementing scenario-based training that goes beyond tabletop exercises to create muscle memory for security operations teams responding to active compromises. Why having practitioners in both development and leadership chains at security vendors correlates with product effectiveness and company growth trajectories. How to distinguish between genuine artificial intelligence capabilities and rebranded automation when evaluating security tools, plus practical applications for analyst efficiency without replacement Listen to more episodes: Apple Spotify YouTube Website

NOW PLAYING

0:00 24:06

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

MG Show MG Show The MG Show, hosted by Jeffrey Pedersen and Shannon Townsend, is a leading alternative media platform dedicated to uncovering the truth behind today’s most pressing political issues. Launched in 2019, the show has grown exponentially, offering unfiltered insights, comprehensive research, and real-time analysis. With a commitment to independent journalism and factual integrity, the MG Show empowers its audience with knowledge and encourages active participation in the political discourse. The Game Radio Popolare Soldi, lavoro, avidità, disoccupazioni: il grande gioco dell’economia smontato ogni giorno da Raffaele Liguori. Photo Breakdown Scott Wyden Kivowitz Photo Breakdown is a podcast in which we explore the world of photography with a trusted guide, host Scott Wyden Kivowitz. His expertise and passion bring the industry to life as we explore the stories, trends, and ideas shaping it today. Join us as we dissect everything from incredible photographs and creative techniques to the latest gear releases and hot topics in the photography community.In each episode, we break down what’s happening behind the scenes - whether it’s making a powerful image, a candid discussion on industry trends, or a reflection on the tools and technology changing how we make photographs. You’ll get insights, expert opinions, and a fresh perspective on what’s top of mind for photographers right now.Anticipate short, engaging episodes brimming with ideas and inspiration. Be part of the conversation by sharing your thoughts, voice notes, and comments. Your participation is what makes our community vibrant and dynamic.It’s more than just photography - everyth The Last Outlaws Impact Studios at UTS In a History Lab season like no other, we're pulling on the threads of one of Australia's great misunderstood histories, moving beyond the myths to learn what the Aboriginal brothers Jimmy and Joe Governor faced in both life and death.Australia's budding Federation is the background setting to this remarkable story, that sees the Governor brothers tied to the inauguration of a 'new' nation and Australia's dark history of frontier violence, racial injustice and the global trade and defilement of Aboriginal ancestral remains. This Impact Studios production is a collaboration with the Governor family, UTS Faculty of Law and Jumbunna Institute for Indigenous Education and Research.The Last Outlaws teamKatherine Biber - UTS Law Professor and Chief InvestigatorAunty Loretta Parsley - Great-granddaughter of Jimmy Governor and the Governor Family Historian Leroy Parsons - Governor descendant, Narrator and Co-WriterKaitlyn Sawrey - Host, Writer and Senior ProducerFrank Lopez - Writer,

URL copied to clipboard!

Share this episode

Similar Episodes

Similar Podcasts

Age Verification