Dan Shiebler

No generative AI here - just good old-fashioned statistics. This post introduces Bayesian networks: visual models that connect the clues you see to the threats you care about. Instead of drowning in isolated alerts, a Bayesian network lets your SOC update its belief about an attack as new evidence arrives.... [Read More]

Every system has properties that define its usefulness. We talk about efficiency when we care about speed and resource usage. We talk about stability when we care about consistency under load. We talk about usability when we care about how easy it is for a human to interact with the... [Read More]

Ever had a complex Python function you wanted to quickly host as an API? Managing dependencies like databases, secret keys, or heavy utilities like audio processing libraries can be quite cumbersome. Typically, I handle this with a pattern involving: Docker: to manage and install dependencies AWS Parameter Store: to securely... [Read More]

When building systems to detect cyberattacks or fraud, technical expertise alone isn’t enough. Success hinges on adopting a detection mindset—a way of thinking that prioritizes skepticism, rapid iteration, and rigorous validation. A detection mindset ensures that detection engineers and data scientists remain vigilant, adaptive, and results-driven in their approach. Here’s... [Read More]

Software engineering is changing. From autocomplete to chat-based code generators to no-code platforms, AI tools arrived like a tsunami in 2024. It’s true that most software development work - especially for experienced engineers working on distributed systems and mature codebases - remains above the waterline. Smart autocomplete and agentic code... [Read More]