Detection Engineering with Google Cloud
Cloud Security Podcast20 Maalis 2025

Detection Engineering with Google Cloud

Detection rules aren’t just for fun—they’re critical for securing cloud environments. But are you using them the right way? In this episode, Ashish Rajan sits down with David French, Staff Adoption Engineer for Security at Google Cloud, to break down how organizations can scale Detection as Code across AWS, Azure, and Google Cloud.

  • Why prevention isn’t enough—and how detection fills the gap
  • The biggest mistakes in detection rules that could blow up your SOC
  • How to scale detections across hundreds (or thousands) of cloud accounts
  • The ROI of Detection as Code—why security leaders should care
  • Common low-hanging fruit detections every cloud security team should implement

David has spent over a decade working in detection engineering, threat hunting, and building SIEM & EDR products. He shares real-world insights on how companies can improve their detection strategies and avoid costly security missteps.


Guest Socials: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠David's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction

(03:06) What is Detection as Code?

(03:41) What was before Detection as Code?

(05:36) Business ROI for doing Detection as Code?

(07:49) Building Security Operations in Google Cloud

(12:41) Threat Detection for different type of workload

(14:54) What is Google SecOps?

(20:36) Different kinds of Detection people can create

(24:46) Scaling Detection across many Google Cloud accounts

(28:47) The role of Data Pipeline in Detection

(31:44) Detections people can start with

(34:14) Stages of maturity for detection

(36:43) Skillsets for Detection Engineering

(39:32) The Fun Section

Jaksot(346)

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

David & Ashish spoke about What is Microsoft Ignite vs Microsoft Ignite Tour and why should cloud security people care about the event? Microsoft Ignite 2020 Sydney and Johannesburg What were th...

16 Helmi 202046min

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Helmi 202034min

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

In this episode we speak to Stu Hirst, Principal Cloud Security @Just Eat. Stu and Ashish speak about keeping up security in a world of multi cloud, the challenges of recruiting for cloud security, w...

2 Helmi 20201h 4min

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

This episode is a non-sponsored episode which is recording from Ashish's recent visit to Tokyo, Japan. During the trip Ashish caught up with mixed group of cybersecurity professionals who have been wo...

26 Tammi 20206min

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

In this episode, we sit with Tanya Janca, previously Senior Cloud Advocate at Microsoft. Tanya & I spoke about the right way to do move workloads to Azure with DevOps. We compared notes on AWS and Azu...

19 Tammi 20201h 2min

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

In this episode, we sit with Jay Kelath, Director for Product Security at Dow Jones. Jay & I spoke about the Dow Jones breach and how things changed from top down in Dow Jones for the better. We spoke...

12 Tammi 202048min

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

In this episode, we sit with Jane Frankland, an award-winning entrepreneur, best-selling author and international speaker. Jane is a CISO advisor and has a diverse background, from being nominated as ...

5 Tammi 202056min

Cloud Security and Infosec girls with Vandana Verma

Cloud Security and Infosec girls with Vandana Verma

In this Blue team episode, we sit with Vandana Verma, a Board member of OWASP and was recently awarded “Top influencers in Security and Fire” and “Cybersecurity Women of the year award by Women Cyberj...

23 Joulu 201935min