Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to
learn more about blue team fundamentals such as host and network data
collection, threat detection, alert triage, incident management, threat
intelligence, and more, check out my new course SEC450: Blue Team
This course is designed to bring attendees the information that
every SOC analyst and blue team member needs to know to hit the ground
running, including 15 labs that get you hands on with tools for threat
intel, SIEM, incident management, automation and much more, this course
has everything you need to launch your blue team career.
Check out the details at sansurl.com/450! Hope to see you in class!
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn
Featured Guest Bio:
Ryan Chapman works as a Principal Incident Response analyst. He
also teaches SANS FOR610: Reverse Engineering Malware and is the lead
organizer for CactusCon, Arizona's hacker conference. Ryan has worked in
Security Operations Center and Computer Incident Response Team roles
that handled incidents from inception all the way through remediation.
Reviewing log traffic; researching domains and IPs; hunting through log
aggregation utilities; sifting through pack captures; analyzing malware;
and performing host and network forensics are all things that Ryan
loves to do. With Ryan, it's all about the blue team!
Learn more about Ryan here.
Follow Ryan on Twitter (@rj_chap) and LinkedIn (/in/ryanjchapman).