Support for the Blueprint podcast comes from the SANS Institute.
Ever since the debut of the SANS SEC450: Blue Team Fundamentals
course in 2019, author John Hubbard has had students ask if there is a
management-specific course that pairs with it. Well, the wait is finally
over. If you like the topics covered in this podcast and would like to
learn more about blue team leadership and management, check out the new
2-day course MGT551: Building and Leading Security Operations Centers!
This new management track course is designed for SOC leaders looking
to build, grow, or improve their security operations capabilities
through improved analysis technique, false positive reduction, better
metrics, and continuous SOC assessment. Don't think that just because
this is a management course it won't be hands-on, though. Throughout
the two days, there are 6 hands-on labs that show you, step-by-step,
how to use tools for organization and implementation of analyst
playbooks, SOC use cases, threat intelligence, purple team assessment
planning and much more.
Check out this new offering at sansurl.com/551! Hope to see you in class!
Featured Guest Bio:
Dave Herrald is a technical information security professional with
over 20 years of security and IT experience in the software, payments,
online advertising, and broadcast media industries. He works as a
Principal Security Strategist at Splunk, where he focuses on Splunk Boss
of the SOC (BOTS), performs research into adversary simulation for blue
teams, trains technical security teams worldwide, and helps Splunk
customers defend their organizations. Dave has worked in various
information security roles, including pre-sales engineer, strategic
security consultant, penetration tester, hands-on security
architect/engineer/analyst, and chief information security officer. Dave
holds many security certifications, including GIAC Security Expert
Ryan Kovar, with over 20 years of experience cybering, has done
everything from pulling miles of CAT5 cable on an aircraft carrier to
learning that he didn't want to be a malware RE. Most recently, he
worked at the Defense Advanced Research Projects Agency (DARPA) on a
team dedicated to detecting and mitigating advanced threats. Ryan then
moved to Splunk as a Principal Security Strategist where he teaches
hunting, attempts practical security research, and solves fun problems
for folks around the world. Ryan loves Bernese mountain dogs and wire
data, and despises printers.
Follow Dave Herrald on Twitter (@daveherrald) and LinkedIn (/in/daveherrald).
Follow Ryan Kovar on Twitter (@meansec) and LinkedIn (/in/ryan-kovar-9a6466a).