

SANS's John Hubbard on Future-Proofing SOC Analysts in the Age of AI
Jul 1, 2025
John Hubbard, Cyber Defense Curriculum Lead at SANS Institute and host of the Blueprint podcast, dives into the future of SOCs in the age of AI. He discusses how AI revolutionizes alert contextualization, enabling better triage decisions by incorporating business context. John highlights the educational gap in teaching both traditional security skills and AI-driven approaches. He also explores the potential of natural language interfaces for complex tasks and shares insights on future-proofing careers in a rapidly evolving tech landscape.
AI Snips
Chapters
Books
Transcript
Episode notes
From Tier-One To SANS Instructor
- John Hubbard built a SOC from tier‑one analyst to U.S. SOC lead on a 150k endpoint network.
- He now teaches those lessons at SANS and authors SOC courses.
Teach Fundamentals, Then Use AI
- John Hubbard teaches core security methods then shows AI-accelerated shortcuts.
- He keeps exercises for sharpening fundamentals while leveraging AI for speed.
Context Is King For Triage
- John argues AI can dynamically fuse business and asset context to improve triage accuracy.
- Better context lets analysts prioritize truly critical alerts with confidence.