The Secret Sauce of SANS Instructors with John Hubbard
Hacker Valley Studio1 Nov 2022

The Secret Sauce of SANS Instructors with John Hubbard

John Hubbard, SOC consultant, SANS Sr. Instructor and host of the Blueprint Podcast, joins the Hacker Valley team this week to discuss SANS, SOCs, and seeking new hobbies. As the curriculum lead for cyber defense, John breaks down what makes a good SANS instructor and how to inspire passion in students when teaching for long hours. Additionally, John gives away his life hacks for pursuing passions outside of the cybersecurity industry, including podcasting, video editing, music creation, and nutrition.

Time Coded Guide:

[00:00] Instructing for SANS & what it takes to be a good instructor

[07:33] Exploring the potential of a SOC-less cyber industry

[13:38] Teaching complicated topics with clear visuals & simple comparisons

[19:37] Podcasting his way to better SOC consulting skills

[26:12] Finding a balance between jack of all trades & single skill master

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

What do you think are the makings of a good instructor, especially for SANS?

Transitioning from the world of electrical and computer engineering, John’s journey to becoming a SANS instructor took over 3 years of study. Although he jokes that training to be a SANS instructor was the longest job interview ever, John is thankful for the mentorship and inspiration his training gave him. SANS courses require long hours and hard work, but John believes the best instructors bring a real love for what they do to each class.

“The technical aspect has to be there in a very strong way. Beyond that, you have to deliver this message not only with razor sharp clarity, but also with passion and energy. People are sitting there watching you talk for hours. If you aren't excited, they're not going to be excited.”

Cyber defense is a pretty broad topic. What makes you feel comfortable teaching a course on cyber defense?

Cyber defense can be a topic that’s both broad and confusing for students, but John has been dedicated to building a curriculum that cuts through the confusion and inspires innovation. Teaching his students to focus on priorities, John wants to bring clarity to complex topics like SOCs, Kerberos, and related security issues. While the topics can be broad and debatable, John wants to equip his students with real world examples and simple comparable concepts.

“If there was one word I was going to summarize both of the classes I teach with, it’s ‘priorities.’ It's getting the right stuff there first, and not getting distracted by all the other details that are potentially trying to pull you in the wrong direction.”

Have there been unintended benefits to being a podcast host, that either helps you as an instructor, or even someone that does consulting in the SOC space?

Taking the chance to start the Blueprint podcast was inspired partly by John’s previous interest in podcasts like Security Now, but also by his pursuit of learning content creation. Starting a podcast, for John, was an exercise in testing his comfort zone. Learning the technical aspects as well as the creative aspects of content creation and podcast hosting continues to build John’s confidence in his storytelling and teaching skills.

“For me, a lot of things have come out of podcasting. Probably one of the biggest things is just flexing that muscle of doing things that are slightly uncomfortable and scary. Any time you think, ‘I don't know if I can pull this off. Should I do it?’ The answer should always be yes.”

What is one piece of advice or philosophy that enables you to do more and squeeze as much as you can out of life?

In the same way that he teaches his SANS students about priorities, John focuses on his personal priorities often in order to accomplish his well-rounded, jack of all trades lifestyle. Building new skills and cataloging new experiences feels vital for John. Taking full advantage of the time he’s been given and getting curious about expanding his comfort zone is an essential philosophy that has taught John not only about cyber defense, but about every hobby he enjoys as well.

“I try to get up as early as I can manage to get up every day, well before I start getting emails and meeting requests and all sorts of stuff like that, and try to plan out my day and ask myself, ‘How am I going to actually approach doing the things that matter the most to me?’”

---------------

Links:

Keep up with our guest John Hubbard on LinkedIn, Twitter, and YouTube

Listen to John’s podcast on the Blueprint Blog

Learn more about John’s work on the SANS Institute website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Avsnitt(404)

The Power of AppSec, Cyber Education, and Friendship with Tanya Janca

The Power of AppSec, Cyber Education, and Friendship with Tanya Janca

In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janca, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares her experiences from working in the Canadian government to joining Microsoft and eventually founding WeHackPurple. Tanya talks about her new role at SemGrep, where she focuses on making application security education accessible, and the importance of building supportive communities in the tech industry. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guest, Tanya Janca 03:09 - “IDK How to Make SemGrep Rules…” 0707 - Finding Shadow IT & Embezzlers 11:27 - Join Our Mastermind 12:09 - Becoming an AppSec Professional 15:22 - Elections CISO 18:00 - Speaking at Conferences 21:15 - Microsoft Calls Me One Day… 23:21 - Parting Ways; But Still Friends 24:30 - “Can You Train Our Devs?” 27:50 - Fairness Is Important 32:27 - Put Yourself Out There!   Links: Connect with our guest, Tanya Janca: https://www.linkedin.com/in/tanya-janca/ Check out SemGrep Academy: https://academy.semgrep.dev/ We Hack Purple Podcast: https://wehackpurple.buzzsprout.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

26 Juni 202435min

Networking 2.0: The Future of Decentralized Networking & Access Management

Networking 2.0: The Future of Decentralized Networking & Access Management

In this episode, Hosts Ron Eddings, and Jen Langdon share takeaways from Ron's RSA conversation with Colin Constable, Co-Founder and CTO at Atsign On this show, they’ll break down Networking 2.0 and how it can serve as the next evolution for data ownership and access control. Colin and his team at Atsign have built the atProtocol®, a new open-source internet protocol that makes private and secure data sharing simple and intuitive, enabling any person, entity or thing to implement NIST Zero Trust principles into their solution. Impactful Moments: 00:00 - Welcome 02:17 - Introducing, Colin Constable 03:42 - The Problem with the Current Internet 08:02 - The Catalyst Behind atProtocol® 11:12 - Nexus of Networking, Identity & Privacy 14:19 - From our Sponsor, Atsign 15:23 - What’s Networking 2.0? 18:54 - Internet Anonymity & Accountability 24:31 - Unique Solutions using atProtocol®   Links: Connect with Colin Constable: https://www.linkedin.com/in/colinconstable/ Check out Atsign: https://atsign.com/ Read the atProtocol Whitepaper here: https://atsign.com/resources/white-papers/the-atprotocol/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

18 Juni 202432min

How AI is the Key Turning Point in TPRM with Paul Valente

How AI is the Key Turning Point in TPRM with Paul Valente

In this episode, Host Ron Eddings enjoys a reprieve from the hectic RSA conference with guest Paul Valente, CEO of VISO Trust. Paul discusses how he used his extensive experience as a CISO to solve a huge pain point he was experiencing with third party risk management (TPRM) and how it prompted him and a colleague to start their own company to create the solution they had been wishing for. However, nothing could be more exciting than the ways AI has expanded the potential for TPRM to change security outcomes and allow the security sector to drop the ‘department of no’ branding for good. Tune in to hear the whole story!   Impactful Moments: 00:00 - Welcome 01:03 - Introducing guest, Paul Valente 04:49 - Core Pillars of Being a CISO 06:14 - Why Cyber Startup? 7:46 - AI: The Key Turning Point for TPRM 10:40 - Why Do Companies Need TPRM? 15:09 - From our Sponsor, VISO Trust 16:17 - Data & Controlling Risk 22:35 - No Security Questionnaires! 24:14 - One Step Better…   Links: Connect with our guest, Paul Valente: https://www.linkedin.com/in/pauldvalente/ Check out VISO Trust: https://visotrust.com/hackervalley Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

11 Juni 202425min

A Deep Dive into MSSPs: Understanding the Evolution and Secrets Within with Ricardo Nicolini

A Deep Dive into MSSPs: Understanding the Evolution and Secrets Within with Ricardo Nicolini

In this episode, Ron Eddings and Jen Langdon explore the origins of MSSPs and the solutions they offer to the cybersecurity industry with insights from Ricardo Nicolini, CTO at Bulletproof. Ricardo will uncover the potential of MSSPs to alleviate headaches and reduce burnout in cybersecurity by detailing his personal experience with overcoming a ransomware attack in the City of Saint John. Impactful Moments: 00:00 - Welcome 05:15 - Introducing guest, Ricardo Nicolini 07:21 - Find & Prevent: FAST! 11:39 - Who MSSPs Support 13:48 - From our Sponsor, ContraForce 14:48 - City of Saint John & Ransomware 20:02 - Implications of Ransomware 25:16 - SOC Burnout is Real 29:21 - Improving the SOC with the Right Person 35:46 - Is Reducing Cognitive Load Possible?   Links: Connect with our guest Ricardo Nicolini : https://www.linkedin.com/in/rnicolini/ Check out ContraForce: https://www.contraforce.com/ Learn more about how Bulletproof helped the City of Saint John: https://content.bulletproofsi.com/read-cosj-case-study Check out our upcoming events: hackervalley.com/livestreams Continue the conversation by joining our Discord: https://hackervalley.com/discord Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

4 Juni 202440min

Zero Trust Tactics: Preventing Breaches with Ivan Fonseca & Nick Cottrell

Zero Trust Tactics: Preventing Breaches with Ivan Fonseca & Nick Cottrell

In this episode, Host Ron Eddings teams up with Ivan Fonseca and Nick Cottrell, Cybersecurity Engineers at ThreatLocker, as they break down the anatomy of previous breaches and the attacker’s playbook using MITRE ATT&CK. Ivan and Nick will take you through the defender’s perspective and will also share tools that are commonly used to defend breaches and discuss how Zero Trust can be implemented to better defend organizations.   Impactful Moments: 00:00 - Welcome 01:35 - Introducing guests, Ivan Fonseca and Nick Cottrell 04:39 - 3CX Breach & Supply Chain Attacks 08:10 - Ring Fencing Defense 11:16 - Living Off the Hacker Valley Land 13:06 - From our Sponsor, ThreatLocker 13:56 - Hacker Mindset in the Op 18:45 - Zero Trust, Default Deny 24:23 - Common Attack Vectors 30:09 - 7 Zip is a Russian Application? 32:49 - Learning How to Defend Better   Links: Connect with our guests, Ivan Fonseca and Nick Cottrell : https://www.linkedin.com/in/ivan-fonseca-64139222b/ https://www.linkedin.com/in/nicholas-cottrell-083564165/ Learn more about ThreatLocker: https://www.threatlocker.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Maj 202439min

Enterprise Browsers: Work’s Natural Next Step

Enterprise Browsers: Work’s Natural Next Step

In this episode, Ron Eddings and Jen Langdon talk about the evolution of browsers and how enterprise browsers have entered to change the game for corporations. Special guest Bradon Rogers, Chief Customer Officer at Island, joins to explain how enterprise browsers expand capabilities in asset management, security, and user experience. They also discuss how enterprise browsers can streamline IT infrastructure, offering a glimpse into the future and AI's role in it. Impactful Moments: 00:00 - Welcome 04:25 - Introducing guest, Bradon Rogers 07:23 - Extension vs Browser 14:53 - Security Use Cases 18:12 - From our Sponsor 19:34 - Better User Decisions 24:01 - Tool Reduction 26:24 - IT & Security Should Play Nice 29:41 - Data Protection   Links: Connect with our guest, Bradon Rogers: https://www.linkedin.com/in/bradon/ Check out Island’s website here: https://www.island.io/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

21 Maj 202434min

Building Tech and Adding Value in the Era of AI with Josh Danielson

Building Tech and Adding Value in the Era of AI with Josh Danielson

In this episode, Ron Eddings talks with guest Josh Danielson, CEO at Kustos, about how his journey at a previous organization has led him to build and create new products in the industry. They’ll discuss everything from how AI is currently being used to how there are still many ways to optimize in the cybersecurity product and service space. Listen to learn more about how you could create the next great thing in cyber! Impactful Moments: 00:00 - Welcome 00:43 - Introducing guest, Josh Danielson 03:20 - Cutting Edge Tech 07:34 - To CISO or not to CISO 10:33 - Join Our Creative Mastermind 11:20 - Balancing Product & Services 14:37 - Not Taking Advantage of AI 18:10 - Getting Better Value out of Tooling 21:35 - One Step Better…   Links: Connect with our guest, Josh Danielson: https://www.linkedin.com/in/joshua-danielson-a82b7342/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

14 Maj 202424min

Building Fast and Not Breaking Things with Shlomi Matichin

Building Fast and Not Breaking Things with Shlomi Matichin

In this episode, Ron Eddings and guest Shlomi Matichin, Co-Founder & CTO at Valence Security, discuss how the hurdles and triumphs in the journey of establishing Valence Security resulted in a reduction in SaaS misconfigurations and vulnerabilities. Impactful Moments: 0:00 - Welcome 01:50 - Introducing guest, Shlomi Matichin 02:46 - Founder’s Journey 04:30 - Building Fast 07:37 - Building Fast vs Building Intentionally 08:13 - From Our Sponsor, Valence Security 09:18 - How SaaS Breaches Occur 13:38 - Google Workspace Security 19:55 - The Uninstall Journey 25:00 - What Worries You? 27:48 - Building SaaS Fast 31:08 - One Step Better   Links: Connect with our guest, Shlomi Matichin: https://www.linkedin.com/in/shlomi-matichin/ Check out Valence Security: valencesecurity.com Check out our upcoming events: hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

7 Maj 202432min

Populärt inom Utbildning

rss-bara-en-till-om-missbruk-medberoende-2
historiepodden-se
det-skaver
alska-oss
nu-blir-det-historia
harrisons-dramatiska-historia
johannes-hansen-podcast
allt-du-velat-veta
sektledare
roda-vita-rosen
rss-sjalsligt-avkladd
not-fanny-anymore
polisutbildningspodden
sa-in-i-sjalen
vi-gar-till-historien
rss-max-tant-med-max-villman
rss-om-vi-ska-vara-arliga
rss-npf-podden
rss-basta-livet
rss-makabert