One Week Left to Get an 11" iPad Pro, a Surface Go 2, or $300 Off with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Putting Your SOC to the Test

  • Wednesday, June 10, 2020 at 10:30 AM EDT (2020-06-10 14:30:00 UTC)
  • John Hubbard

You can now attend the webcast using your mobile device!



You may have worked hard to establish what seems to be a great set of processes and threat detection technologies in your SOC. When a real-world attack eventually comes though, will the whole system work as expected? Have you ever put each component to the test? How realistic was that test? 

When it comes to assessing your SOC's capabilities there is a whole spectrum of options from atomic analytic testing, to purple teaming, to full-on adversary emulation. In this webcast we will cover each of these assessment methods, tools to facilitate testing, and why all of the above are likely necessary to fully evaluate your SOC's defensive capabilities.

Speaker Bio

John Hubbard

John Hubbard is a certified SANS instructor and the author of two courses: SEC450: Blue Team Fundamentals: Security Operations and Analysis and SEC455: SIEM Design & Implementation. As a security operations center (SOC) consultant and speaker, John specializes in security operations, threat hunting, network security monitoring, SIEM design and defensive process optimization. His mission to improve blue teams led him to partner with SANS to help develop the next generation of defensive talent around the world.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.