SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Arm yourself with the most valuable and actionable content for advancing cyber defense skills. Hear from some truly interesting people changing the game in the blue teaming field, and ultimately learn actionable ways to take your cyber defense skills to the next level.
In this episode, John sits down with Zak Stufflebeam, Director of Cybersecurity at a publicly traded insurance company, to discuss his unique journey in the field.

In this episode, John sits down with James Spiteri from Elastic to explore the transformative power of AI on the SOC.

Rich Greene, SANS author/instructor and former U.S. Army Green Beret, shares his journey from military service to cybersecurity. He breaks down why fundamentals and communication matter, while dispelling common myths about entering the field.

Ryan Thompson shares how to build dashboards that detect real threats—not just look good. Learn why most SOC dashboards fail and how to design them for true detection.

Start the new year with a mini solo episode on achieving your 2025 goals. I share my personal productivity system, favorite book recs, and tips to stay focused on what matters most.

Mark Morowczynski returns for his 4th(!) time with his Microsoft coworker and identity and authentication expert Tarek Dawoud in this incredibly insightful conversation on the what, why, and how of phishing-resistant credentials that YOU can implement right now.

In this mega-discussion with Seth Misenar on GenAI and LLM usage for security operations, we cover some very interesting topics, such as the unique capabilities GenAI affords to those working in security operations, the importance of natural language processing, and much more.

In this episode, we take you behind the scenes of a complex gift card fraud investigation. Join host John Hubbard and guest Mark Jeanmougin as they explore the intricate details of uncovering and combating a clever case of cyber fraud. Mark discusses how the incident was identified, investigated, and contained, and what lessons were learned along the way.

Have you ever wondered what it takes to write and publish an information security book? In this special bonus episode following season 4, John discusses with Kathryn, Ingrid, and Carson the challenges and rewards of self-publishing, and the kind of effort that goes into producing a book like "11 Strategies of a World-Class Cybersecurity Operations Center".

This final chapter of the book is no simple closer! "Turn Up the Volume by Expanding SOC Functionality" covers testing that your SOC is functioning as intended through activities such as Threat Hunting, Red and Purple Teaming, Adversary Emulation, Breach and Attack Simulation, tabletop exercises, and more. There's even a discussion of cyber deception types and tactics, and how they can be used to further frustrate attackers. Join John, Kathryn, Ingrid, and Carson in this final chapter episode for some not-to-be-missed tips!

Metrics: is there any more confusing and contentious topic in cybersecurity? In this episode, the authors cover their advice and approach to measuring your team so that issues can be quickly identified and performance can continuously improve!

Research has shown that communication is one of the most important factors for success in security incident response teams. In this chapter, the authors discuss the critical types of information that must be shared within the SOC, with the constituency, and with the greater cybersecurity community.
