Designing Detection‑as‑Code Without a SIEM

Published on March 10, 2026 by DEV Community

Most people learn detection engineering inside a SIEM. I wanted to learn it without one. Not because SIEMs aren’t useful, but because they often hide the real thinking behind dashboards, connectors, and pre‑built rules. So I built BluePhoenix, a detection‑as‑code lab designed to answer a simple question: What does detection engineering look like when you remove the platform and focus purely on behaviour, logic, and engineering discipline?

Why I Built This

I wanted to understand detection enginee

Read the full article: https://dev.to/barrosleo/designing-detection-as-code-without-a-siem-1k7f

Source: DEV Community