
When synthetic logs don’t lie: Generating coherent attack stories for better detection
From Talos Takes by Cisco Talos
June 3, 2026 · 19 min
About this episode
This episode discusses the limitations of traditional synthetic data in detection rules and introduces EvidenceForge as a solution.
Are your detection rules failing because your test data lacks the nuance of a real-world network? In this episode of Talos Takes, Amy sits down with David Bianco to discuss why traditional synthetic data often falls short and how his new open-source project, EvidenceForge, is changing the game. Synthetic datasets often look like telemetry but lack the critical causal links and realistic background noise that define actual adversary activity. EvidenceForge solves this by creating data th...
People in this episode
Host: Amy
Guest: David Bianco
Topics covered
- synthetic data
- detection rules
- cybersecurity
- EvidenceForge
- real-world networks
Keywords
- synthetic logs
- detection
- cybersecurity
- EvidenceForge
- attack stories
Mentioned in this episode
Organizations: EvidenceForge, Cisco Talos
More episodes of Talos Takes
- The trust paradox: How attackers weaponize legitimate SaaS platforms · May 7, 2026 · 21 min
- It's not you, it's your printer: State-sponsored and phishing threats in 2025 · April 21, 2026 · 29 min
- 2025's ransomware trends and zombie vulnerabilities · April 7, 2026 · 22 min
- Cybersecurity’s double-header: 2025 insights from Talos and Splunk · March 26, 2026 · 32 min
- Modernizing your threat hunt · March 12, 2026 · 23 min
- Holding the line: Service provider security · February 26, 2026 · 29 min
Explore listener stats, chart rankings, contacts and more on the Talos Takes podcast page.