Blueprint Podcast

Arm yourself with the most valuable and actionable content for advancing cyber defense skills. Hear from some truly interesting people changing the game in the blue teaming field, and ultimately learn actionable ways to take your cyber defense skills to the next level.

John Hubbard: Key lessons and takeaways from Blueprint Season 2 + A Special Announcement! | 23

In this solo episode to wrap up season 2, John discusses some of the key takeaways from the guests interviewed throughout this year, and has some very exciting news for all blue teamers on a brand new GIAC certification. GIAC GSOC

  • 2021-06-08
  • John Hubbard

Strategy 2: Give the SOC the Authority to Do Its Job | 40

Though a SOC is responsible for protecting your organization's assets, it is not the owner of those systems. If the SOC is not established with a clear charter and authority to act, it may quickly become difficult to be effective. Who should the SOC report to, what should be in a SOC charter, and how can we make these tough decisions? Those are the questions covered in this episode of our special "11 Strategies" season. This episode covers chapter 2 of the book - "Give the SOC the Authority to Do Its Job".

This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode, John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.

  • 2023-05-15
  • John Hubbard

Joe Lykowski: Building a Transparent, Data-Driven SOC | 36

In this episode we speak with Joe Lykowski - Cyber Defense Lead at a major manufacturing company on what it takes to build a mature, transparent, and effective SOC. Joe brings years of experience to the table in running a large organization’s security team and in this interview he draws out some of his favorite tips, strategies and more on metrics, building the right team, and what to prioritize as you build up a SOC for an org of any size.

  • 2022-09-06
  • John Hubbard

Tony Turner: Securing the Cyber Supply Chain | 30

John and Tony Turner share their wisdom on trends they are seeing in the cyber industry and offer advice as to how we should be looking at cyber defense in 2022 and beyond.

  • 2022-07-26
  • John Hubbard

From Clues to Containment - Unraveling A Gift Card Fraud Scheme with Mark Jeanmougin | 53

In this episode, we take you behind the scenes of a complex gift card fraud investigation. Join host John Hubbard and guest Mark Jeanmougin as they explore the intricate details of uncovering and combating a clever case of cyber fraud. In this episode Mark discusses how the incident was identified, investigated, contained, and what lessons were learned along the way.

  • 2024-10-08
  • John Hubbard

Alexia Crumpton: MITRE ATT&CK for Defenders | 33

One of the best frameworks that showed up within the last 5 or so years is undoubtedly the MITRE ATT&CK® framework. Many of us may know about it in passing and even reference it from time to time, but very few people seem to know the true depth of knowledge it contains - everything from analytics to threat groups, specific mitigation and detection opportunities, and with the newest versions, even specific data sources. In this episode we talk to the Defensive Lead of ATT&CK from MITRE, Lex Crumpton, about what every blue team member needs to know about this framework, and more!

  • 2022-08-16
  • John Hubbard

Rob Lee: Training and Reskilling in Cyber Security | 35

Many of us are either looking to start a cyber security career, improve our knowledge and skills to further our career, or hire a team that has the most skilled and promising candidates. In this special episode with Rob Lee, Chief Curriculum Director of the SANS Institute, we discuss strategies for building, improving, and testing your cyber security group’s skill levels, and working to keep our knowledge as current as possible - a critical skill for anyone in the fast moving world of cyber security.

  • 2022-08-30
  • John Hubbard

Empowering Security Researchers Around the World! | 09

Roberto Rodriguez explains the awesome projects and initiatives he is working on to help blue teams perform advanced data collection, analysis, and threat hunting.

  • 2020-08-04
  • John Hubbard

Josh Brower - Playbook for Security Onion | 13

Driving consistency and maintaining a high standard for alert response is a problem all SOCs must face, but how? In this episode, Josh Brower describes his efforts to combine automated detection signature deployment and use case database management into a single, easy to use app for Security Onion. Whether you use Security Onion or not, this episode dives into the design principles and workflow Josh used when designing the new open-source Playbook app and there’s something to learn from it for everyone on the Blue Team.

  • 2021-03-30
  • John Hubbard

Understanding and Applying Threat Intelligence | 05

Katie Nickels talks about what threat intelligence is, where to get it, what you should expect from it, and how the SOC should be using it.

  • 2020-07-07
  • John Hubbard

Rob van Os - Maturing your Cyber Defense | 15

Are you a manager looking to build or improve your SOC? Are you trying to understand how to measure your SOC's maturity, your use cases, or your threat hunting efforts? If so, today's episode with Rob van Os is for you. In this episode, we discuss the SOC-CMM for SOC maturity measurement, the MaGMa use case framework for building and tracking SOC use cases, and the TaHiTI threat hunting methodology for showing ROI on threat hunting.

  • 2021-04-13
  • John Hubbard

James Rowley: Creating and Running an Insider Threat Program | 26

TBD

Blueprint
  • 2025-03-27
  • 1 hrs 20 mins
  • Stephen Sims & Jon Gorenflo