BSides Kerala 2026 Speakers

Anand Kumar

Detection Engineer (Security Researcher) at Grant Thornton Bharat

Speaker
Speaker Bio

He is a Cyber Security Researcher with 6+ years of experience in Red Teaming, Offensive Security, and Adversary Simulation, specializing in Post-Exploitation and Threat Emulation that replicate real-world threat actor behavior, including TTPs (Tactics, Techniques, and Procedures) and adversarial tradecraft. He is passionate about continuous research, innovation, and the development of cutting-edge security and AI technologies that strengthen both individual and team capabilities.

Tool Demo at BSides Kerala 2026

Tool Demo

DetectOps – Detection Engineering Platform

Hacker Ground | Intermediate | 30 minutes

I am building an end-to-end Detection Engineering platform that simplifies the full security lifecycle — from attack simulation to detection, validation, and reporting. The core objective is to address a major industry challenge: the lack of isolated, ready-to-use infrastructure for safely simulating real-world attacks. In most enterprise environments, setting up such infrastructure is complex, resource-heavy, and fragmented across multiple tools. This platform unifies everything into a single, ready-to-deploy ecosystem by integrating adversary simulation tools, a repository of 14,000+ detection rules, SIEM platforms like Splunk and Microsoft Defender for Endpoint (MDE), and built-in testing and reporting capabilities. As a result, security teams can efficiently test and validate detection use cases while reducing manual effort and infrastructure overhead.

Prerequisites for This Session:

  • To get the most out of this session, it is helpful to have a basic understanding of how a Security Operations Center (SOC) operates, along with the role of an L1 analyst in alert triage and incident handling. Familiarity with detection engineering concepts, especially how detection rules are developed and tested, will provide better context. Additionally, knowledge of how custom detection rules are written using SPL, KQL, or Sigma, and how they function within a SIEM platform, will make it easier to follow. A general understanding of how enterprises detect and respond to security threats will further enhance your learning experience.

Key Capabilities:

  • The platform offers comprehensive capabilities to streamline detection engineering. It includes a large-scale repository of detection logic covering Windows, Linux, network, and cloud environments, along with platforms like CyberArk, Okta, Docker, and OpenStack. It integrates leading adversary simulation tools such as Splunk Attack Range (SAR), GOAD, Atomic Red Team, PurpleSharp, Stratus, and CALDERA to enable realistic attack simulations. On the detection side, it connects with Splunk Enterprise Security and Microsoft Defender for Endpoint (MDE) for real-time validation. The platform also features built-in testing infrastructure, eliminating manual setup, and supports reporting and knowledge management through tools like GitHub, Obsidian, and GitLab. Designed for flexibility, it supports both on-premise and cloud deployments with template-based setups for quick and efficient implementation.
Date: 9 May 2026
Time: 05:00 PM - 05:30 PM IST
Venue: Hacker Ground
Format: Tool Demo