Episodes

Click here to send us your ideas and feedback on Blueprint! In today’s episode, John is joined by Anton Chuvakin to discuss current and future security operations technology, which tools are the most important and which are becoming less important over time, the rules of automation in the SOC and how Anton would setup a modern Security Operations Center for a Cloud native organization. Today's Guest: Anton Chuvakin Dr. Anton Chuvakin is a recognized security expert in the field of log manage...

Click here to send us your ideas and feedback on Blueprint! Are you a manager looking to build or improve your SOC? Are you trying to understand how to measure your SOCs maturity or use cases or your threat hunting efforts? If so, today’s episode with Rob van Os is for you. In this episode, we discuss the SOC CMM for SOC maturity measurement, the magma use case framework for building and tracking SOC use cases, and the Tahiti threat hunting methodology for showing ROI on threat hunting. Our...

Click here to send us your ideas and feedback on Blueprint! What is AppSec, DevOps and DevSecOps? In this episode we discuss why defenders should know more about these terms and what the consequences are of ignoring these new and critical fields. Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone ...

Click here to send us your ideas and feedback on Blueprint! Driving consistency and maintaining a high standard for alert response is a problem all SOCs must face, but how? In this episode, Josh Brower describes his efforts to combine automated detection signature deployment and use case database management into a single, easy to use app for Security Onion. Whether you use Security Onion or not, this episode dives into the design principles and workflow Josh used when designing the new open-s...

Click here to send us your ideas and feedback on Blueprint! Even if you're not a malware analyst, any blue teamer should be able to do some initial basic malware sample triage. The good news is that this is quite easy to do using freely available tools once you know what is available. Join John in this conversation with Ryan Chapman as they discuss how to reverse engineer malware and why you might want to do so. Our Guest - Ryan Chapman Ryan Chapman works as a Principal Incident Response ana...

Click here to send us your ideas and feedback on Blueprint! Looking for a new way to approach the difficult problem of measuring and improving your SOC? Check out this episode to hear how to use methods pioneered in the manufacturing and reliability industry to help wrap your head around, and solve this complex issue. You don’t want to miss this episode with Jon Hencinski, Director of Operations at Expel who covers all of this and more. Our guest - Jon Hencinski Jon Hencinski is the Director...

Click here to send us your ideas and feedback on Blueprint! Austin Taylor discusses the promise and reality of cyber security-centric data science, and how you can use machine learning for solving practical security problems. Twitter Handles: @HuntOperator | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Buildin...

Click here to send us your ideas and feedback on Blueprint! Roberto Rodriguez explains the awesome projects and initiatives he is working on to help blue teams perform advanced data collection, analysis, and threat hunting. Twitter Handles: @Cyb3rWard0g | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Bui...

Click here to send us your ideas and feedback on Blueprint! Cloud expert Kyle Dickinson discusses common cloud infrastructure attacks, and how you can detect and prevent them before they happen to your organization. Twitter Handles: @KyleHaxWhy | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader...

Click here to send us your ideas and feedback on Blueprint! Mark and Libby share the new technologies in use at Microsoft to dramatically decrease the need for the use of passwords in the enterprise. Twitter Handles: @markmorow | @TruBluDevil | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader S...

Click here to send us your ideas and feedback on Blueprint! Dave and Ryan speak with John about resources for training yourself, and the challenges of setting up a large-scale cyber lab to simulate an advanced attack for their Splunk Boss of the SOC competition. Twitter Handles: @daveherrald | @meansec | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - App...

Click here to send us your ideas and feedback on Blueprint! Katie Nickels talks about what threat intelligence is, where to get it, what you should expect from it, and how the SOC should be using it. Twitter Handles: @likethecoins | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader Secur...

Click here to send us your ideas and feedback on Blueprint! Mary Chaney shares what types of laws we should be concerned about. She discusses her thoughts on privacy laws and how that will drive cyber security, and what she’s doing to get more diverse representation in the industry at all levels. Twitter Handles: @MaryNChaney | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450...

Click here to send us your ideas and feedback on Blueprint! Chris Sanders and Stef Rand discuss qualitative research they conducted on how to use divergent or convergent thinking for improving the quality of your analysis. Twitter Handles: @ChrisSanders88 | @techieStef | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Ope...

Click here to send us your ideas and feedback on Blueprint! Hear host John Hubbard share info on his background, his inspiration and goals for this podcast and his insights on ‘The Art of Blue Teaming”. Twitter Handles: @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader Security Operations...

Click here to send us your ideas and feedback on Blueprint! In our very first guest interview with Mark Orlando, John asks Mark questions to help us re-evaluate our security operations. Twitter Handles: @MarkAOrlando | @SecHubb All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader Security Operations Centers Follow and Con...

Click here to send us your ideas and feedback on Blueprint! Blueprint brings you the latest in cyber defense and security operations from top blue team leaders. Blueprint is brought to you by the SANS Institute and is hosted by SANS Certified Instructor John Hubbard. Twitter Handles: @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense ...