BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.nsec.io//B3SJZP
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-B3SJZP@cfp.nsec.io
DTSTART;TZID=EST:20260514T150000
DTEND;TZID=EST:20260514T153000
DESCRIPTION:This talk covers a big Security Operation Center (SOC)’s jour
 ney through maturing our detection engineering practice by implementing *d
 etection as code* (DaC) principles.\n\nWhat we will cover:\n1. Our startin
 g point (where a lot of SOCs are): no DaC\, manually modifying rules in a 
 SIEM\;\n2. What is DaC and why it’s a game-changer for detection enginee
 rs\;\n3. Why we chose Sigma as the backbone of our DaC practice\;\n4. Our 
 gradual transition to DaC\n5. A real case study of how Sigma + DaC made ch
 anging SIEM so much easier.\n\nIntended audience: people who create or man
 age detection rules in a SOC\, people who want to increase the quality and
  stability of the rules you maintain and people who are interested in how 
 DevOps principles can be applied to security operations.
DTSTAMP:20260507T211841Z
LOCATION:Salle de bal
SUMMARY:Increasing detection engineering maturity with detection as code - 
 Émilio Gonzalez
URL:https://cfp.nsec.io/2026/talk/B3SJZP/
END:VEVENT
END:VCALENDAR