Detection at Scale

SANS's John Hubbard on Future-Proofing SOC Analysts in the Age of AI

Jul 1, 2025
John Hubbard, Cyber Defense Curriculum Lead at SANS Institute and host of the Blueprint podcast, dives into the future of SOCs in the age of AI. He discusses how AI revolutionizes alert contextualization, enabling better triage decisions by incorporating business context. John highlights the educational gap in teaching both traditional security skills and AI-driven approaches. He also explores the potential of natural language interfaces for complex tasks and shares insights on future-proofing careers in a rapidly evolving tech landscape.
Ask episode
AI Snips
Chapters
Books
Transcript
Episode notes
ANECDOTE

From Tier-One To SANS Instructor

  • John Hubbard built a SOC from tier‑one analyst to U.S. SOC lead on a 150k endpoint network.
  • He now teaches those lessons at SANS and authors SOC courses.
ADVICE

Teach Fundamentals, Then Use AI

  • John Hubbard teaches core security methods then shows AI-accelerated shortcuts.
  • He keeps exercises for sharpening fundamentals while leveraging AI for speed.
INSIGHT

Context Is King For Triage

  • John argues AI can dynamically fuse business and asset context to improve triage accuracy.
  • Better context lets analysts prioritize truly critical alerts with confidence.
Get the Snipd Podcast app to discover more snips from this episode
Get the app