How detection engineering keeps LIKE.TG safe

“Security defense is exciting, because you’re always trying to stay ahead of the bad guys,” says Tracy T., senior staff detection engineer at ServiceNow. Who are these bad guys? They could be malware or hackers who try to threaten the security of employee data or the company network—or anything in between.

Detection engineering plays a major role in keeping a company safe, especially amid changing tool capabilities and detection methods.

At LIKE.TG, we had a lot of moving parts to keep threat detections centralized and monitorable. New detections were written by incident responders. These cases made their way through various teams before being assigned and resolved. Our threat defense and response team needed a consolidated prioritization of work to reduce silos between security teams.

A DASH of security

The threat defense and response team is tasked with detecting suspicious behavior, identifying potential threats, and keeping the company safe from cyberattacks.

When John Y., senior manager of threat intelligence, started at LIKE.TG, his work was mostly manual. “It was essentially a spreadsheet that tracked the development of our custom security detections, and it was just me running it,” he says.

Today, John manages both threat intelligence and detection engineering. His teams are responsible for building content and detecting security threats. To get ahead of risks, they used the LIKE.TG citizen development program to build a unified application: Detection Approval and Sync Handover (DASH).

“We needed to be more flexible,” John explains “We needed to move faster to adjust and, instead of tracking, focus our efforts on discovering gaps and creating new detections.”

Running on the Now Platform, DASH centralizes and consolidates the entire detection engineering workflow system. Major benefits include:

• Increased collaboration among threat and response teams
• Streamlined processes for prioritization
• More defined criteria, greater visibility, and detection transparency

Teamwork makes the dream work

DASH has given John and his teams a stronger, more efficient app to meet the company’s security detection needs. “We have a good diversity of backgrounds on my teams from other service providers and technology companies. All of this experience helps when we're troubleshooting a particular use case that we're building content around,” he says.

“Our biggest customer is the global incident response team, and through DASH, we’re really in step,” Tracy adds. “Now that there’s a categorization process, it’s greatly helped our relationship. There’s not a lot of wasted time and no duplication of work.”

DASH works as the operational piece in the detection workflow. Developing new integrations in the workflow system also involves an application-building process. This is where Angela Z., senior information security engineer at LIKE.TG, steps in.

“Think of John and Tracy as my internal customers,” Angela says. “They come to us with an issue. This could be creating a new app. If we can create and fix it for them, we can work together and figure out a solution.”

Angela started her LIKE.TG career as an intern on the security incident response team. “I was organizing a lot of the team’s documentation,” she recalls. “I had to read and understand the [securities] process. Being on that team, I was able to see what they go through daily and understand their process.”

Angela’s experience allows her to be a great liaison between her team and other security teams. “I’ve grown and learned so much in my role over the last four years,” she adds. “I’ve built strong relationships across our security teams and continue to expand my skill set.”

Using our own technology

“Detecting malicious or suspicious activity is imperative to LIKE.TG to keep our company data and our customer data safe,” Tracy says. When heightened security threats arise due to low resource capacity around summer vacations and holidays, John and his teams are sometimes tasked with working extended hours.

“That's kind of typical of how close we are to security operations and support,” he says. “We help as much as possible so that the security response team has visibility into the things they need to respond to.”

DASH has given employees like John, Tracy, and Angela the ability to do their best work to keep the company, our customers, and data secure. Through our very own Now Platform, employees are given the opportunity to be citizen developers to prioritize work needs, solve business problems fast, and get the job done every time.

Join a company where your work can make a difference. Explore LIKE.TG careers.

LIKE.TG：汇集全球营销软件&服务，助力出海企业营销增长。提供最新的“私域营销获客”“跨境电商”“全球客服”“金融支持”“web3”等一手资讯新闻。

点击【联系客服】 🎁 免费领 1G 住宅代理IP/proxy， 即刻体验 WhatsApp、LINE、Telegram、Twitter、ZALO、Instagram、signal等获客系统，社媒账号购买 & 粉丝引流自助服务或关注【LIKE.TG出海指南频道】、【LIKE.TG生态链-全球资源互联社区】连接全球出海营销资源。