

Blueprint: Build the Best in Cyber Defense
SANS Institute
Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the latest in cyber defense and security operations from blue team leaders and experts. With a focus on learning, BLUEPRINT includes interviews with today’s top security practitioners defending the world’s most respected brands, and in-depth explanations of the newest technologies, protocols, and defensive tools. BLUEPRINT is a podcast hosted by John Hubbard and brought to you by the SANS Institute. BLUEPRINT - your one-stop shop for taking your defense skills to the next level!
Episodes

Mar 30, 2021 • 49min
SOC Metrics: Measuring Success and Preventing Burnout
Looking for a new way to approach the difficult problem of measuring and improving your SOC? Check out this episode to hear how to use methods pioneered in the manufacturing and reliability industry to help wrap your head around and solve this complex issue. You don’t want to miss this episode with Jon Hencinski, Director of Operations at Expel, who covers all of this and more.
Our guest - Jon Hencinski
Jon Hencinski is the Director of Global Operations at Expel. In this role, he’s responsible for the day-to-day operations of Expel’s security operations center (SOC) and detection and response engineering. He oversees how Expel recruits, trains, and develops security analysts. Jon has over a decade of experience in the areas of SOC operations, threat detection, and incident response. Prior to Expel, Jon worked at FireEye and BAE Systems, and was an adjunct professor at The George Washington University.
Follow Jon
Twitter: @jhencinski
LinkedIn: /in/jonathanhencinski
Web: https://hencinski.medium.com
Support for the Blueprint podcast comes from the SANS Institute.
Since the debut of SEC450, we’ve always had students interested in a matching course covering the management and leadership aspects of running a SOC. If you like the topics in this podcast and would like to learn more about Blue Team leadership and management, check out the new MGT551: Building and Leading Security Operations Centers. This new course is designed for security team leaders looking to build, grow and operate a security operations center with peak efficiency. It’s a hands-on technical leadership course that takes you through everything from scoping threat groups to use case creation, threat hunting, planning, SOC maturity and detection assessment, and much, much more.
Check out the course syllabus, labs and a free demo at sansurl.com/551
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn
Check out John's SOC Training Courses for SOC Analysts and Leaders:
SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
LDR551: Building and Leading Security Operations Centers
Follow and Connect with John: LinkedIn

Aug 11, 2020 • 40min
A Machine Learning Primer for the Blue Team
Austin Taylor discusses the promise and reality of cyber security-centric data science, and how you can use machine learning for solving practical security problems.
Twitter Handles: @HuntOperator | @SecHubb | @SANSDefense
All Blueprint Podcast Episodes: sans.org/blueprint-podcast

Aug 4, 2020 • 41min
Empowering Security Researchers Around the World!
Roberto Rodriguez explains the awesome projects and initiatives he is working on to help blue teams perform advanced data collection, analysis, and threat hunting.
Twitter Handles: @Cyb3rWard0g | @SecHubb | @SANSDefense

Jul 28, 2020 • 41min
Locking Down and Monitoring Cloud Infrastructure
Cloud expert Kyle Dickinson discusses common cloud infrastructure attacks, and how you can detect and prevent them before they happen to your organization.
Twitter Handles: @KyleHaxWhy | @SecHubb | @SANSDefense

Jul 21, 2020 • 41min
Passwordless - Can it Be Done?
Mark and Libby share the new technologies in use at Microsoft to dramatically decrease the need for the use of passwords in the enterprise.
Twitter Handles: @markmorow | @TruBluDevil | @SecHubb | @SANSDefense

Jul 14, 2020 • 34min
Training Yourself in a Quarantined World
Dave and Ryan speak with John about resources for training yourself, and the challenges of setting up a large-scale cyber lab to simulate an advanced attack for their Splunk Boss of the SOC competition.
Twitter Handles: @daveherrald | @meansec | @SecHubb | @SANSDefense

Jul 7, 2020 • 40min
Understanding and Applying Threat Intelligence
Katie Nickels talks about what threat intelligence is, where to get it, what you should expect from it, and how the SOC should be using it.
Twitter Handles: @likethecoins | @SecHubb | @SANSDefense

Jun 30, 2020 • 39min
Privacy Laws: The Future Driver of Cyber Security
Mary Chaney shares what types of laws we should be concerned about. She discusses her thoughts on privacy laws and how that will drive cyber security, and what she’s doing to get more diverse representation in the industry at all levels.
Twitter Handles: @MaryNChaney | @SecHubb | @SANSDefense

Jun 23, 2020 • 43min
Creativity and Choices: Talking About Thinking
Chris Sanders and Stef Rand discuss qualitative research they conducted on how to use divergent or convergent thinking for improving the quality of your analysis.
Twitter Handles: @ChrisSanders88 | @techieStef | @SecHubb | @SANSDefense

Jun 16, 2020 • 33min
Shock to the System: Re-Evaluating Your Security Operations
In our very first guest interview with Mark Orlando, John asks Mark questions to help us re-evaluate our security operations.
Twitter Handles: @MarkAOrlando | @SecHubb