Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the l...
Click here to send us your ideas and feedback on Blueprint!In this episode, we sit down with Ryan Thompson, a seasoned expert in building dashboards that actually detect real threats—not just look pretty. With experience at Elastic, Alert Logic, and top EDR vendors, Ryan shares deep insights into the science behind effective dashboards and how security teams can cut through the noise to find the threats on your network.We cover:Why most SOC dashboards fail to deliver real insights—and how to fix them.The right way to structure dashboards for SIEM, EDR, and threat hunting.How to visualize security data effectively to make detection faster.The balance between automation, alerts, and analyst intuition.If you’re a SOC analyst, detection engineer, or security leader looking to elevate your dashboard game and sharpen your cyber threat detection skills, this is an episode you won’t want to miss!Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn
--------
1:03:02
Success Simplified - The 3 Step Process for Hitting Your Career Goals in 2025 with John Hubbard
Click here to send us your ideas and feedback on Blueprint!Surprise!! It's a mini solo episode to kick off the new year and it's on one of the most important topics there is - how to achieve your goals in 2025 and beyond!In this episode I talk about a topic I've never covered anywhere before - my personal system for productivity and how it helps me, and can likely you help you stay on track for those 2025 goals and stay aligned with what is most important in your life. Check this episode out for some useful productivity tips, inspiration, recommendations for some of my favorite books, and fuel to get fired up for 2025! HAPPY NEW YEAR! Note: The episode thumbnail is the actual picture that I took of the quote that I mention seeing in the coffee shop that day in 2018. Episode NotesSimon Sinek - Start With WhyThe 5-Fold Why TechniqueBook - The 12 Week YearBook - The ONE ThingObsidianThe Eisenhower MatrixBook - Steal Like An ArtistBook - 4000 Weeks: Time Management for MortalsCheck out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn
--------
29:58
How Phishing Resistant Credentials Work with Mark Morowczynski and Tarek Dawoud
Click here to send us your ideas and feedback on Blueprint!Mark Morowczynski returns for his 4th(!) time with his Microsoft coworker and identity and authentication expert Tarek Dawoud in this incredibly insightful conversation on the what, why, and how of phishing resistant credentials that YOU can implement right now! This conversation covers:What makes MFA phishable?What phishing resistant credentials are and how they workThe history and modern methods for phishing resistant credentialsWhat attacks will be used once we move to phishing resistant credentials, and how to prevent and detect itHow verified digital identities and corporate identification can help further reduce risk of help desk based attacksShifting the culture to adopt a passwordless loginKey logs to detect identity attacksResources for learning KQLEpisode Links:Tarek Explains Phishing Resistant Authentication: https://www.youtube.com/watch?v=3wtwUh6iyxYMicrosoft Digital Defense Report: https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024Nuance: https://www.nuance.com/index.htmlBook - The Definitive Guide to KQL: https://www.microsoftpressstore.com/store/definitive-guide-to-kql-using-kusto-query-language-9780138293383 KQL Github Repo: github.com/kqlmspress Kusto Detective Agency: https://detective.kusto.io/PRE-ROLL only! It says lets jump in at the end.Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn
--------
55:13
How GenAI is Changing Your SOC for the Better with Seth Misenar
Click here to send us your ideas and feedback on Blueprint!In this mega-discussion with Seth Misenar on GenAI and LLM usage for security operations we cover some very interesting questions such as: - The importance of natural language processing in Sec Ops- How AI is helping us detect phishing email- Where and how AI is lowering the bar for entry-level security SOC roles- Should we worry about AI hallucinations or AI taking our jobs?- What is a reasoning model and how is it different than what we've seen so far?- The future of AI - Multimodal interaction, Larger Context Windows, RAG, and more- What is Agentic AI and why will it change the game?Episode Links:The book from Manning Seth liked as a thoughtful accessible on-ramp: https://www.manning.com/books/introduction-to-generative-aiCoursera prompt engineering course series: https://coursera.org/specializations/prompt-engineeringGandalf Online Prompt Injection Challenges from Lakera (FYI Seth finds a lot of Lakera’s content to be really high-quality and useful): https://gandalf.lakera.ai/baseline“Nonsense on stilts” reference from Gary Marcus in response to the Google employee claiming LaMDA was sentient: https://garymarcus.substack.com/p/nonsense-on-stilts?utm_source=twitter&sd=pf. AI as a monster with a smiley face image: https://knowyourmeme.com/memes/shoggoth-with-smiley-face-artificial-intelligenceEthan Mollick is the Wharton professor Seth mentioned, Seth says his “One Useful Thing” Substack is a valuable and thought provoking source: https://www.oneusefulthing.org/. Also his book, Co-Intelligence: Living and Working with AI, would also be worth checking out: https://www.penguinrandomhouse.com/bookPRE-ROLL only! It says lets jump in at the end.Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn
--------
1:36:15
From Clues to Containment - Unraveling A Gift Card Fraud Scheme with Mark Jeanmougin
Click here to send us your ideas and feedback on Blueprint!In this episode, we take you behind the scenes of a complex gift card fraud investigation. Join host John Hubbard and guest Mark Jeanmougin as they explore the intricate details of uncovering and combating a clever case of cyber fraud. In this episode Mark discusses how the incident was identified, investigated, contained, and what lessons were learned along the way.Episode Links:- Mark's LinkedIn Profile: https://www.linkedin.com/in/markjx/- Mark's Teaching Schedule: https://www.sans.org/profiles/mark-jeanmougin/PRE-ROLL only! It says lets jump in at the end.Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn
Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the latest in cyber defense and security operations from blue team leaders and experts. With a focus on learning, BLUEPRINT includes interviews with today’s top security practitioners defending the world’s most respected brands, and in-depth explanations on the newest technologies, protocols, and defensive tools. BLUEPRINT, is a podcast hosted by John Hubbard and brought to you by the SANS Institute. BLUEPRINT - your one-stop shop for taking your defense skills to the next level!
Netherlands