Streamlining Detection Development with Goose Recipes
Creating effective security detections in Panther traditionally requires deep knowledge of detection logic, testing frameworks, and development workflows. The detection engineering team at Block has streamlined this process by building Goose recipes that automate the entire detection creation lifecycle, from initial repository setup to pull request creation.
This blog post explores how to leverage Goose's recipe and sub-recipe system to create new detections in Panther with minimal manual intervention, ensuring consistency, quality, and adherence to team standards.