Resources
Courses, Webcasts, Presentations, Slides, Research and More
SANS Webcasts
2020
- Understanding and Leveraging the MITRE ATT&CK® Framework: A SANS Roundtable (06-Aug-2020)
- Measuring and Improving Cyber Defense Using the MITRE ATT&CK® Framework: A SANS Panel Discussion (28-Jul-2020)
- Measuring and Improving Cyber Defense Using the MITRE ATT&CK® Framework (21-Jul-2020)
- Supercharge your security operations with the brand new MGT551 – Building and Leading Security Operations Centers! (12-Jun-2020)
- Putting Your SOC to the Test (10-Jun-2020)
- Faster, Better, AND Cheaper: Improving security operations using open source tools (17-Mar-2020)
2019
- 2019 SANS Survey on Next-Generation Endpoint Risks and Protections (03-Dec-2019)
- 3 Critical Concepts That New SOC Analysts Must Master (02-Dec-2019)
- Untapped Potential: Getting the most out of your SIEM (24-Oct-2019)
- Power up your Security Operations Center’s human capital with the new SEC450 Part 2 – Blue Team Fundamentals…Finding and training the right people! (16-Oct-2019)
- Power up your Security Operations Center with the new SEC450 Part 1 – Blue Team Fundamentals…Creating an on-ramp for new defenders! (16-Sep-2019)
- Live from the Security Operations Summit: Rethinking the SOC for Long-Term Success & 2019 SANS SOC Survey Preview (24-June-2019)
- Sharing Alerts and Threat Intelligence with MISP (01-May-2019)
- Alert Investigations in the SOC – Building Your Workflow (10-Apr-2019)
- MITRE ATT&CK and Sigma Alerting (13-Feb-2019)
2018
- Automation Nation (08-Nov-2018)
- More Bad Data (07-Nov-2018)
- Prioritizing Log Enrichment (06-Nov-2018)
- High Fidelity Alerts: How to create custom alerts like a pro (30-May-2018)
- How to Build & Maintain an Open Source SIEM (24-Jan-2018)
2017
- Modern Log Parsing and Enrichment with SIEM (08-Nov-2017)
- SIEM Design & Architecture (06-Sep-2017)
YouTube
- Virtuous Cycles: Rethinking the SOC for Long-term Success (slides only version) / Version 2 @ SANS Security Operations Summit (14-Aug-2019)
- Q&A Interview with Stephen Hart (01-Nov-2019)
- The Elastic Stack as a SIEM – Philly Security Shell (22-Feb-2019)
- Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework (24-Sep-2018)
- VMs All the Way Down – BSides Delaware 2016 (16-Nov-2016)
Presentations / Guides
- Security Operations Guide – SANS Virtual Poster (Coming Soon!)
- Virtuous Cycles: Rethinking the SOC for Long-term Success Slides
- A Log Lifecycle – SANS Poster
- The Elastic Stack as a SIEM (Slideshare)
- VMs All the Way Down (Slideshare)
Research Papers
- Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework by John Hubbard – July 17, 2020
- 2019 SANS Survey on Next-Generation Endpoint Risks and Protections by Justin Henderson and John Hubbard – December 2, 2019
- J. Hubbard, K. Weimer and Y. Chen, “A study of SSL Proxy attacks on Android and iOS mobile applications”, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), Las Vegas, NV, 2014, pp. 86-91, doi: 10.1109/CCNC.2014.6866553.
Contact John
Have a question or interested in booking John as a speaker at your next event?
Fill in the contact form here and he’ll get back to you. We will not share any of your info with anyone else.
NOT INTO FORMS? EMAIL ME:
john@blueprintcyber.com