Learn from real-world practitioners in real-time during SANS San Diego Fall Live Online. Save $300 thru 10/21.

Blueprint Podcast


Shock to the System: Re-Evaluating Your Security Operations

In our very first guest interview with Mark Orlando, John asks Mark questions to help us re-evaluate our security operations.


Sponsor's Note:

Support for the Blueprint podcast comes from the SANS Institute.

If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.

This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.

Check out the details at sansurl.com/450! Hope to see you in class!
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn

Featured Guest Bio:

Mark started his security career in 2001 as a SOC Analyst, and since then has been both fighting for blue team resources and trying to automate them out of a job. He has built, assessed, and managed security teams at the Pentagon, the White House, the Department of Energy, global Managed Security Service Providers, and numerous Fortune 500 clients.

Mark's passion is finding new and innovative ways to help defenders scale through the right application of foundational knowledge and assistive technology, and helping people in leadership and non-technical roles navigate the many challenges of information security. In 2012, he designed and launched a Managed Detection and Response (MDR) service offering and helped to invent an automated cyber threat hunting technology, both of which were later acquired.

Mark has presented on security operations and assessment at DefCon's Blue Team Village, the Institute for Applied Network Security (IANS) Forum, BSidesDC, and the RSA Conference and has been quoted in the New York Times, the Washington Post, Forbes, CNBC, SC Magazine, and many other publications. He holds a Bachelor's Degree in Advanced Information Technology from George Mason University and served in the US Marine Corps as an Artillery Non-Commissioned Officer. In his spare time, Mark enjoys reading, going to rock shows, and sneaking in the occasional Netflix binge.

Follow Mark on Twitter (@markaorlando) and LinkedIn (/in/marko16).