Click here to send us your ideas and feedback on Blueprint!
While malicious insiders are a threat that most of us would like to imagine we might never have to deal with, it’s still one of the cyber threats you must realistically consider and plan for. But how do you identify malicious intent and potential attacks from those already inside our network that have legitimate access to our data? Check out this episode where James Rowley lays out what you need to consider when it comes to insider threat detection.
Our Guest - James Rowley
James Rowley is a cybersecurity-consultant-turned-dectection-engineer building the next generation of insider threat detections. As a Detection Engineer, James is responsible for merging the world of blue team and insider threat, moving the needle on how we approach insider detections within cyberspace. James outside of the workspace is passionate about most things related to outdoors, beer, whiskey, wine, food, travel, and Minnesota sports teams. You will find James enjoying these things and more with his fiance and two dogs, Marshall (Bernese Mountain Dog) and Maya (Basset Hound).
--
Sponsor's Note:
Support for the Blueprint podcast comes from the SANS Institute.
If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.
This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.
Check out the details at http://sans.org/sec450 Hope to see you in class!
--
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn
Check out John's SOC Training Courses for SOC Analysts and Leaders:
Follow and Connect with John: LinkedIn
