Ingrid Parker

Click here to send us your ideas and feedback on Blueprint!No security team is perfect, so in this episode, authors Carson, Ingrid, and Kathryn discuss what it takes to prepare for fast, effective incident response capability. Covering preparation, planning and execution, Strategy 5 will teach your team how to jump into action at the earliest sign of problems.This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.Sponsor's Note-----------Support for the Blueprint podcast comes from the SANS Institute.If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.Check out the details at sansurl.com/450 Hope to see you in class!Follow SANS Cyber Defense: Twitter | LinkedIn | YouTubeFollow John Hubbard: Twitter | LinkedInCheck out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn

Kathryn Knerler and Ingrid Parker, co-authors of a pivotal book on world-class cybersecurity operations centers, dive into the complex world of performance metrics. They discuss the importance of aligning metrics with organizational goals and share insights on differentiating between measures, metrics, and KPIs. Challenges in communicating cybersecurity effectiveness to non-technical stakeholders are explored, along with the role of timely metrics in enhancing response strategies. The use of visual aids, whimsically called 'Pew Pew maps,' adds humor to serious topics, making complex data more digestible.

Click here to send us your ideas and feedback on Blueprint!Welcome to a brand new season of Blueprint! In this intro episode we discuss "Fundamentals" chapter of the "11 Strategies of a World Class Cybersecurity Operations Center" with the authors. We get into the motivation behind updating the book and why its lessons are more important than ever in 2023. This chapter includes discussion of the functions of a SOC, basics of workflow, CTI and contextual data sources, and why ops tempo and speed is a critical factor in SOC success.This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.Visit this Mitre page to find more information.-----------Support for the Blueprint podcast comes from the SANS Institute.If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.Check out the details at sansurl.com/450 Hope to see you in class!Follow SANS Cyber Defense: Twitter | LinkedIn | YouTubeFollow John Hubbard: Twitter | LinkedInCheck out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: Blue Team Fundamentals - Security Operations and Analysis LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn