The Secret Sauce of SANS Instructors with John Hubbard
Hacker Valley Studio1 Nov 2022

The Secret Sauce of SANS Instructors with John Hubbard

John Hubbard, SOC consultant, SANS Sr. Instructor and host of the Blueprint Podcast, joins the Hacker Valley team this week to discuss SANS, SOCs, and seeking new hobbies. As the curriculum lead for cyber defense, John breaks down what makes a good SANS instructor and how to inspire passion in students when teaching for long hours. Additionally, John gives away his life hacks for pursuing passions outside of the cybersecurity industry, including podcasting, video editing, music creation, and nutrition.

Time Coded Guide:

[00:00] Instructing for SANS & what it takes to be a good instructor

[07:33] Exploring the potential of a SOC-less cyber industry

[13:38] Teaching complicated topics with clear visuals & simple comparisons

[19:37] Podcasting his way to better SOC consulting skills

[26:12] Finding a balance between jack of all trades & single skill master

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

What do you think are the makings of a good instructor, especially for SANS?

Transitioning from the world of electrical and computer engineering, John’s journey to becoming a SANS instructor took over 3 years of study. Although he jokes that training to be a SANS instructor was the longest job interview ever, John is thankful for the mentorship and inspiration his training gave him. SANS courses require long hours and hard work, but John believes the best instructors bring a real love for what they do to each class.

“The technical aspect has to be there in a very strong way. Beyond that, you have to deliver this message not only with razor sharp clarity, but also with passion and energy. People are sitting there watching you talk for hours. If you aren't excited, they're not going to be excited.”

Cyber defense is a pretty broad topic. What makes you feel comfortable teaching a course on cyber defense?

Cyber defense can be a topic that’s both broad and confusing for students, but John has been dedicated to building a curriculum that cuts through the confusion and inspires innovation. Teaching his students to focus on priorities, John wants to bring clarity to complex topics like SOCs, Kerberos, and related security issues. While the topics can be broad and debatable, John wants to equip his students with real world examples and simple comparable concepts.

“If there was one word I was going to summarize both of the classes I teach with, it’s ‘priorities.’ It's getting the right stuff there first, and not getting distracted by all the other details that are potentially trying to pull you in the wrong direction.”

Have there been unintended benefits to being a podcast host, that either helps you as an instructor, or even someone that does consulting in the SOC space?

Taking the chance to start the Blueprint podcast was inspired partly by John’s previous interest in podcasts like Security Now, but also by his pursuit of learning content creation. Starting a podcast, for John, was an exercise in testing his comfort zone. Learning the technical aspects as well as the creative aspects of content creation and podcast hosting continues to build John’s confidence in his storytelling and teaching skills.

“For me, a lot of things have come out of podcasting. Probably one of the biggest things is just flexing that muscle of doing things that are slightly uncomfortable and scary. Any time you think, ‘I don't know if I can pull this off. Should I do it?’ The answer should always be yes.”

What is one piece of advice or philosophy that enables you to do more and squeeze as much as you can out of life?

In the same way that he teaches his SANS students about priorities, John focuses on his personal priorities often in order to accomplish his well-rounded, jack of all trades lifestyle. Building new skills and cataloging new experiences feels vital for John. Taking full advantage of the time he’s been given and getting curious about expanding his comfort zone is an essential philosophy that has taught John not only about cyber defense, but about every hobby he enjoys as well.

“I try to get up as early as I can manage to get up every day, well before I start getting emails and meeting requests and all sorts of stuff like that, and try to plan out my day and ask myself, ‘How am I going to actually approach doing the things that matter the most to me?’”

---------------

Links:

Keep up with our guest John Hubbard on LinkedIn, Twitter, and YouTube

Listen to John’s podcast on the Blueprint Blog

Learn more about John’s work on the SANS Institute website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Avsnitt(404)

Looking Backward to GROW Forward in Cybersecurity in 2024

Looking Backward to GROW Forward in Cybersecurity in 2024

In this episode, we’ll take a walk down memory lane. Hacker Valley looks back to 2023 to bring you some of the best clips with great advice and insight into being more creative, reflective, and resourceful with the hopes of inspiring you in 2024 to grow beyond where you are today. Impactful Moments 00:00 - Welcome 00:54 - A New Year is on the Way! 01:54 - ChatGPT and Cybersecurity 04:40 - Becoming an Industry Creative 07:47 - Leveraging AI in the Future with Storytelling - with Scott Sunderland 09:12 - Advice for your Content Creation Journey - with Jason Rebholz 11:15 - How to Start your Cybersecurity Book - with Kim Crawley 14:13 - Join our Mastermind 14:50 - The Right Platform for You - with Phillip Wylie 17:08 - Finding your Focus - with Simone Biles & Amy Bream 20:41 - Leveraging Human Resources in Cyber   Links: Check out the episodes highlighted: ChatGPT & Industry Creative-https://www.youtube.com/watch?v=-u6m0SXFTmA Scott Sunderland-https://www.youtube.com/watch?v=5pwTruINFiM Jason Rebholz-https://www.youtube.com/watch?v=Ao81IRnffc8 Kim Crawley-https://www.youtube.com/watch?v=rKny7kVeRM0 Phillip Wylie-https://www.youtube.com/watch?v=z5B1E2vp0DY Simone Biles & Amy Bream-https://www.youtube.com/watch?v=DiebZS9s7sg Cyber Resources-https://www.youtube.com/watch?v=UoTk3w_78co Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys... Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

2 Jan 202423min

What’s Lurking In Your Containers? AMBERSQUID Operations, Freejacking, and Microservice Exploitation

What’s Lurking In Your Containers? AMBERSQUID Operations, Freejacking, and Microservice Exploitation

In this episode, Host Ron Eddings, discusses new tactics of adversaries with Director of Threat Research at Sysdig, Michael Clark. Michael digs into the cloud and shares trends about the AMBERSQUID operation and how to protect yourself from potential container-based threats.   Impactful Moments 00:00 - Welcome 01:20 - Introducing guest Michael Clark 03:09 - Finding AMBERSQUID 06:46 - Mining and Monitoring AWS Services 10:47 - Defending Against AMBERSQUID 14:03 - The Speed of Container-Based Threats 18:13 - The Costs of Freejacking 23:08 - Attribution & The Future Threat 26:30 - CIEMs Like You Have Secrets   Links: Connect with Michael Clark: https://www.linkedin.com/in/michaelclarkinpa/ Check out Sysdig’s Threat Research: https://sysdig.com/threat-research/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

19 Dec 202323min

Pivotal Policy in the Age of AI with AJ Grotto

Pivotal Policy in the Age of AI with AJ Grotto

In this episode, Host Chris Cochran chats it up with former White House Senior Director for Cyber Policy, AJ Grotto. AJ shares his viewpoints about the current state of AI policies, the potential risks and benefits of AI technology, and the challenges in crafting effective policies in the field of cybersecurity. Impactful Moments 00:00 - Welcome 00:45 - Introducing guest, AJ Grotto 01:14 - Are Cyber and AI Separate? 03:37 - US Cyber Policy 08:06 - The Reality of AI Risk 11:20 - From Law to Cyber Policy 14:47 - Join our Mastermind! 15:36 - Policy Implementations 18:55 - Cyber Warfare and AI 22:13 - Advice for Getting into Cyber Policy   Links: Connect with AJ: https://www.linkedin.com/in/andrew-grotto-2534b510a/ More about AJ and his current work: https://fsi.stanford.edu/people/andrew-j-grotto Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys... Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

12 Dec 202324min

Ransomware: How to Use AI to Create a Readiness Kit with Scott Sutherland

Ransomware: How to Use AI to Create a Readiness Kit with Scott Sutherland

The adversary is using Artificial Intelligence. Why aren’t you? In this episode, Host Chris Cochran talks with Scott Sutherland, VP of Research at NetSPI, about everyone’s favorite hot topics; ransomware and AI. Scott will detail his experience with simulating ransomware attack scenarios, as well as discussing the difficulties businesses face when dealing with ransomware threats and prevention mechanisms and how AI can be leveraged to help. Impactful Moments 00:00 - Welcome 01:10 - Introducing guest, Scott Sunderland 03:24 - Interactions with Generative AI Chatbots 04:14 - Use of AI and Readiness 15:16 - A word from our Sponsor, NetSPI 15:55 - Using AI to develop Exercises 20:46 - Collaboration beats Adversaries 25:08 - Ransomware Bots 26:15 - Role of AI in Storytelling Continuously keep pace with your expanding attack surface with the most comprehensive suite of offensive security solutions: https://www.netspi.com/hackervalley Links: Connect with Scott Sutherland: https://www.linkedin.com/in/scottpsutherland/ Learn more about our sponsor, NetSPI: https://www.netspi.com/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

5 Dec 202328min

Cover Your SaaS: Navigating OAuth and SaaS Security Challenges

Cover Your SaaS: Navigating OAuth and SaaS Security Challenges

SaaS misconfigurations may be responsible for up to 63% of security incidents. Do your SaaS applications have risky OAuth grants and misconfigurations? Let’s not find out. We will unravel the complexities of OAuth and how attackers are using OAuth to move from one app to another. Our special guest Jaime Blasco, co-founder and CTO at Nudge Security, shares techniques to protect your SaaS apps and identify risky and malicious OAuth grants. Are you ready to cover your SaaS and avoid finding yourself in the hot seat?    Show some love to our sponsor Nudge Security and win a Steam Deck: https://www.nudgesecurity.com/steamdeck   Links: Connect with Jamie Blasco: https://www.linkedin.com/in/jaimeblasco/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

28 Nov 202345min

Standing Out On LinkedIn as a Cybersecurity Professional with Chris Hughes

Standing Out On LinkedIn as a Cybersecurity Professional with Chris Hughes

In this episode, host Ron Eddings speaks with Chris Hughes, President at Aquia, Cyber Innovation Fellow at CISA, and cybersecurity legend. Special guest, Chris Hughes, was initially inspired to build a personal brand through a desire to mend his weaknesses and highlight his strengths. However, LinkedIn offered a platform to display his growth and learning, leading to him amassing over 50,000 followers! In addition to sharing his story, Chris will emphasize tips on how to start your own personal brand.   Key Moments: 00:00 -Welcome 00:56 - Introducing Guest, Chris Hughes 01:59 - Finding His Way to Cyber 03:20 - Brand Building on LinkedIn 05:19 - Power of Networking and Personal Branding 11:32 - Be a Part of Cyber Creator Con! 14:31 - The Impact of LinkedIn on Career Opportunities 16:48 - The Art of Content Creation on LinkedIn 20:16 - Cashing in on Career Capital 22:05 - Advice for Building a Personal Brand   Links: Follow Chris on LinkedIn: https://www.linkedin.com/in/resilientcyber/ Check out Chris’ Podcast: https://resilientcyber.substack.com/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

21 Nov 202323min

Adversarial AI: Navigating the Cybersecurity Landscape

Adversarial AI: Navigating the Cybersecurity Landscape

In this episode, host Ron Eddings is joined by Sr. Director of Red Team Operations at Coalfire, Pete Deros, to discuss the hottest topic around; adversarial AI. Ron and Pete discuss how AI is used and how the adversary is using AI so everyone can stay one step ahead of them as well. Impactful Moments 00:00 - Welcome 01:35 - Introducing Pete Deros 03:30 - More Easily Phished 05:09 - 11 Labs Video 06:42 - Is this AI or LLM? 9:18 - AI or LLMs: Who has the Speed? 10:36 - Fine Tuning LLMs 14:37 - WormGPT & Hallucinations 17:01 - LLMs Changing Second to Second 18:38 - A Word From Our Sponsor 20:19 - ‘Write me Ransomware!' 23:24 - Working Around AI Roadblocks 28:00 - “Undetectable for A Human” 31:58 - Pete Can Help You Floss! 34:56 - OWASP Top 10 & Resources 37:00 - Check out Coalfire   Links: Connect with our guest Pete Deros: https://www.linkedin.com/in/pete-deros-94524b9a/ Coalfire’s Website: https://www.coalfire.com/ Coalfire Securialities Report: https://www.coalfire.com/insights/resources/reports/securealities-report-2023-compliance OWASP Top 10 LLM: https://owasp.org/www-project-top-10-for-large-language-model-applications/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

7 Nov 202339min

Protecting What You Can’t See with HD Moore

Protecting What You Can’t See with HD Moore

In this episode, host Ron Eddings is joined by Metasploit creator, co-founder and CEO of runZero, HD Moore. HD changed the world with Metasploit and he’s doing it again with runZero. Attack Surface Management can’t happen unless you have visibility into your home or company network and HD shares how he’s able to deliver that and so much more in his journey of creating runZero. Impactful Moments 00:00 - Welcome 00:50 - Introducing guest, HD Moore 01:30 - Fixing the Root Cause 05:00 - runZero 10:54 - A New Kind of CAASM 12:00 - Uncover the Unknown 14:08 - runZero Raving 17:45 - “Trust me, you can scan OT” 20:10 - You Can Scan if You Want To 22:30 - Red to Blue Judo Skills Links: Connect with our guest HD Moore: https://www.linkedin.com/in/hdmoore/ Check out runZero: https://www.runzero.com/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys... Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

31 Okt 202324min

Populärt inom Utbildning

rss-bara-en-till-om-missbruk-medberoende-2
historiepodden-se
det-skaver
alska-oss
nu-blir-det-historia
harrisons-dramatiska-historia
johannes-hansen-podcast
allt-du-velat-veta
sektledare
roda-vita-rosen
rss-sjalsligt-avkladd
not-fanny-anymore
polisutbildningspodden
sa-in-i-sjalen
vi-gar-till-historien
rss-max-tant-med-max-villman
rss-om-vi-ska-vara-arliga
rss-npf-podden
rss-basta-livet
rss-makabert