The Secret Sauce of SANS Instructors with John Hubbard
Hacker Valley Studio1 Nov 2022

The Secret Sauce of SANS Instructors with John Hubbard

John Hubbard, SOC consultant, SANS Sr. Instructor and host of the Blueprint Podcast, joins the Hacker Valley team this week to discuss SANS, SOCs, and seeking new hobbies. As the curriculum lead for cyber defense, John breaks down what makes a good SANS instructor and how to inspire passion in students when teaching for long hours. Additionally, John gives away his life hacks for pursuing passions outside of the cybersecurity industry, including podcasting, video editing, music creation, and nutrition.

Time Coded Guide:

[00:00] Instructing for SANS & what it takes to be a good instructor

[07:33] Exploring the potential of a SOC-less cyber industry

[13:38] Teaching complicated topics with clear visuals & simple comparisons

[19:37] Podcasting his way to better SOC consulting skills

[26:12] Finding a balance between jack of all trades & single skill master

Sponsor Links:

Thank you to our sponsor Axonius for bringing this episode to life!

The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley

What do you think are the makings of a good instructor, especially for SANS?

Transitioning from the world of electrical and computer engineering, John’s journey to becoming a SANS instructor took over 3 years of study. Although he jokes that training to be a SANS instructor was the longest job interview ever, John is thankful for the mentorship and inspiration his training gave him. SANS courses require long hours and hard work, but John believes the best instructors bring a real love for what they do to each class.

“The technical aspect has to be there in a very strong way. Beyond that, you have to deliver this message not only with razor sharp clarity, but also with passion and energy. People are sitting there watching you talk for hours. If you aren't excited, they're not going to be excited.”

Cyber defense is a pretty broad topic. What makes you feel comfortable teaching a course on cyber defense?

Cyber defense can be a topic that’s both broad and confusing for students, but John has been dedicated to building a curriculum that cuts through the confusion and inspires innovation. Teaching his students to focus on priorities, John wants to bring clarity to complex topics like SOCs, Kerberos, and related security issues. While the topics can be broad and debatable, John wants to equip his students with real world examples and simple comparable concepts.

“If there was one word I was going to summarize both of the classes I teach with, it’s ‘priorities.’ It's getting the right stuff there first, and not getting distracted by all the other details that are potentially trying to pull you in the wrong direction.”

Have there been unintended benefits to being a podcast host, that either helps you as an instructor, or even someone that does consulting in the SOC space?

Taking the chance to start the Blueprint podcast was inspired partly by John’s previous interest in podcasts like Security Now, but also by his pursuit of learning content creation. Starting a podcast, for John, was an exercise in testing his comfort zone. Learning the technical aspects as well as the creative aspects of content creation and podcast hosting continues to build John’s confidence in his storytelling and teaching skills.

“For me, a lot of things have come out of podcasting. Probably one of the biggest things is just flexing that muscle of doing things that are slightly uncomfortable and scary. Any time you think, ‘I don't know if I can pull this off. Should I do it?’ The answer should always be yes.”

What is one piece of advice or philosophy that enables you to do more and squeeze as much as you can out of life?

In the same way that he teaches his SANS students about priorities, John focuses on his personal priorities often in order to accomplish his well-rounded, jack of all trades lifestyle. Building new skills and cataloging new experiences feels vital for John. Taking full advantage of the time he’s been given and getting curious about expanding his comfort zone is an essential philosophy that has taught John not only about cyber defense, but about every hobby he enjoys as well.

“I try to get up as early as I can manage to get up every day, well before I start getting emails and meeting requests and all sorts of stuff like that, and try to plan out my day and ask myself, ‘How am I going to actually approach doing the things that matter the most to me?’”

---------------

Links:

Keep up with our guest John Hubbard on LinkedIn, Twitter, and YouTube

Listen to John’s podcast on the Blueprint Blog

Learn more about John’s work on the SANS Institute website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Avsnitt(404)

Learning How to Learn: Mastering the Cyber Fundamentals with Rich Greene

Learning How to Learn: Mastering the Cyber Fundamentals with Rich Greene

The real edge in cybersecurity isn’t found in new tools, it’s built through timeless fundamentals and a mindset that never stops learning. In this episode, Ron sits down with Rich Greene, Senior Solutions Engineer and Instructor at SANS Institute, to uncover how true cyber value starts with skills, curiosity, and mindset. Rich shares his remarkable story of surviving a battlefield injury, retraining his brain, and how that journey shaped his approach to mastering cybersecurity. Together, they connect real-world lessons like the recent Discord breach to the core truth that even advanced systems depend on people who master the basics. Impactful Moments 00:00 - Introduction 02:00 - Discord breach and third-party risk 05:00 - Meet Rich Greene from SANS 06:00 - The power of mastering fundamentals 07:00 - Learning how to learn 08:30 - Rich’s story of rebuilding his memory 11:00 - Forcing the brain to grow stronger 12:00 - Top skills that get you paid 14:00 - Skills that lead to fulfillment 16:00 - Fundamentals that fuel long-term success 17:00 - The OSI model decoded 20:00 - Why operating systems matter 21:00 - Security operations fundamentals 23:00 - Why cloud is the #1 must-learn skill 25:00 - Final advice: sharpen your fundamentals   Links Connect with our Rich on LinkedIn: https://www.linkedin.com/in/secgreene/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

16 Okt 25min

How AI Elevates Cyber Hygiene with Jason Rebholz

How AI Elevates Cyber Hygiene with Jason Rebholz

What if protecting your digital twin becomes the new cyber hygiene? In this week's episode, Ron welcomes back cybersecurity leader Jason Rebholz, CEO of Evoke, to discuss how AI is reshaping the fundamentals of cyber hygiene. From data breaches and deepfakes to everyday habits that protect our digital lives, Jason shares how small actions and smarter use of AI can make all the difference. Together, they uncover how our growing digital footprints are giving rise to digital twins, AI replicas that can mirror our behaviors, voices, and even decisions, and what that means for the future of trust, identity, and security. Impactful Moments: 00:00 - Introduction 01:00 - The Neon app data leak story 03:00 - Why our voices are the new passwords 05:00 - How AI can strengthen cyber hygiene 07:00 - Jason’s mission to secure AI systems 09:00 - AI as a force multiplier for defenders 11:00 - Deepfakes and the new social engineering playbook 13:00 - Attackers’ use of AI and what it means for us 15:00 - The rise of digital twins and identity threats 19:00 - How to defend against “yourself” online 20:00 - Final reflection: Trust in the AI age   Links: Connect with Jason on LinkedIn: https://www.linkedin.com/in/jrebholz/ Check out the TechCrunch article on the Neon app data leak story: https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

10 Okt 21min

Securing Software at AI Speed with Varun Badhwar

Securing Software at AI Speed with Varun Badhwar

The biggest security threat isn’t in the cloud, it’s hidden in the code you trust the most. In this episode, Ron sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, who shares why research shows that nearly 80–90% of application code comes from open source and third-party libraries, not your own developers. Varun discusses the unseen risks of AI-generated software, how attackers can now weaponize vulnerabilities in hours, and why precision in security matters more than ever. He also reveals how AI can be both the ultimate accelerator and the ultimate weakness in modern development.   Impactful Moments: 00:00 - Introduction 02:00 - Varun’s journey from RedLock to Endor Labs 04:00 - Why the software supply chain is broken 07:00 - AI coding assistants and insecure code risks 10:00 - The NPM self-replicating worm discovery 13:00 - Simple controls to enforce Zero Trust in code 16:00 - Pairing AI with security to prevent slop 19:00 - AI-powered security code reviews explained 22:00 - Why 88% of code goes unused 26:00 - Developer efficiency as the new security metric 29:00 - The next wave of AI-driven software threats   Links: Connect with our Endor on LinkedIn: https://www.linkedin.com/in/vbadhwar/     Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

2 Okt 34min

The End of Search and the Rise of AI Browsers and Voices with Ron Eddings

The End of Search and the Rise of AI Browsers and Voices with Ron Eddings

Search engines aren’t dying quietly, they’re being replaced in real time by AI browsers and voice agents. AI isn’t just answering questions anymore; it’s acting for us. In this episode, Ron Eddings explores how tools like NanoBrowser and Comet are reshaping browsing, why Google may be in trouble, and how AI voices are becoming the new interface for productivity. From breakthroughs to risks, this is a front-row look at how AI agents are changing how we work, connect, and live online.   Impactful Moments: 00:00 - Introduction 01:00 - AI agents as everyday tools 02:00 - Testing AI-powered browsers 03:00 - Comet: AI browser from Perplexity 04:30 - Why Google should be worried 05:30 - Real-world tasks for AI browsers 07:00 - Automating cybersecurity inventory 09:00 - Comet in action on LinkedIn 10:00 - Testing for malicious exploits 11:00 - Risks of persuasive AI prompts 12:00 - The rise of voice agents 13:30 - First real-world AI voice experience 15:00 - Security concerns with customer data 16:30 - Double-edged sword of AI adoption 17:30 - System prompt leakage vulnerabilities 18:00 - Why voice could shrink attack surfaces Links: Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/   Check out NanoBrowser: https://nanobrowser.ai/ Check out Comet by Perplexity: https://www.perplexity.ai/comet Read the article ‘No more links, no more scrolling - the browser is becoming an AI Agent.’ here: https://venturebeat.com/ai/no-more-links-no-more-scrolling-the-browser-is-becoming-an-ai-agent Read the article ‘How Voice AI Prompt Injection Threatens Enterprise Security’ here: https://www.teneo.ai/blog/how-voice-ai-prompt-injection-threatens-enterprise-security   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

25 Sep 18min

Where Automation Ends, Cyber Ingenuity Begins with Phillip Wylie

Where Automation Ends, Cyber Ingenuity Begins with Phillip Wylie

Some tools replace tasks. Others reshape the way we think about security. In this episode, Ron welcomes back Phillip Wylie, one of the most respected voices in offensive security, author, educator, and longtime friend of the Hacker Valley community. With over 27 years of experience across cybersecurity disciplines, Phillip has guided thousands of professionals through his books, talks, and mentorship. He shares how AI is reshaping pen testing and red teaming, the value of automating away repetitive tasks, and why the fundamentals of security will always matter. From defining red teaming in 2025 to guiding newcomers on how to break in, Phillip delivers insights that balance cutting-edge innovation with timeless wisdom. Impactful Moments: 00:00 - Introduction 01:00 - Why Phillip keeps podcasting 03:00 - AI opportunities in pen testing 04:30 - What automation should replace 06:00 - Red teaming vs pen testing in 2025 08:00 - Defining adversary emulation 10:40 - Building the ideal AI assistant 15:00 - The best AI use cases today 18:30 - AI-driven threat modeling 21:00 - Breaking into pen testing now 25:00 - Building a portfolio and personal brand 27:30 - Why in-person networking still matters   Links: Connect with Phillip on LinkedIn: https://www.linkedin.com/in/phillipwylie/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

18 Sep 33min

The Power of Showing Up: Daily Streams, Big Impact with Gerald Auger

The Power of Showing Up: Daily Streams, Big Impact with Gerald Auger

What if showing up with consistency could spark opportunities, create careers, and build a global movement? In this episode, Ron sits down with Gerald Auger, Ph.D., cybersecurity educator, content creator, and founder of Simply Cyber. Gerald shares how his daily livestream grew into a thriving community, why consistency is the key to influence, and how AI is reshaping the way cyber professionals work. From building SimplyCyberCon to launching a new pentesting venture, Gerry’s journey is a masterclass in community, creativity, and courage. This episode is filled with inspiration and practical takeaways for anyone ready to grow their career, brand, or business in cybersecurity.

11 Sep 34min

The Rise of the Autonomous Blue Team with Vineet Edupuganti

The Rise of the Autonomous Blue Team with Vineet Edupuganti

What if defenders had their own AI-powered task force, always on, always adapting, and finally one step ahead of attackers? In this episode, Ron welcomes Vineet Edupuganti, Founder and CEO of Cogent Security, to discuss how AI agents are rewriting the rules of cybersecurity. Vineet shares why traditional vulnerability management is fundamentally broken, why exposure management matters more than ever, and how Cogent is building an “AI Task Force” to give defenders the edge. From his early days in machine learning to reshaping the future of cyber defense, Vineet breaks down the urgent need for automation, context-driven insights, and explainable AI in security. Impactful Moments: 00:00 - Introduction 02:00 - Vineet’s journey into AI and cyber 04:30 - Why vulnerability management is broken 06:10 - Generative AI as a defender’s edge 08:20 - Why AI agents outperform brittle automation 09:45 - The first use cases for Cogent’s agents 12:00 - Rethinking tier-one SOC analyst roles 13:30 - The rise of exposure management (CTEM) 17:10 - Cogent’s vision for an AI task force 18:30 - Early wins and insights with Cogent 20:00 - Biggest misconceptions about AI in security 23:00 - What enterprises should demand from vendors 25:00 - Why explainability is essential in AI systems 27:00 - Startups vs incumbents in cybersecurity innovation 29:30 - Why enterprises must invest in AI now   Links: Connect with our guest, Vineet Edupuganti, on LinkedIn: https://www.linkedin.com/in/vineetedupuganti Learn more about Cogent Security: https://www.cogent.security    Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

4 Sep 37min

Turning AI Into Your Super Tool with Ron Eddings

Turning AI Into Your Super Tool with Ron Eddings

AI is neither friend nor foe, it’s both. The way we choose to use it determines whether it helps or harms. In this solo episode, Ron Eddings shares lessons from his first job at a grocery store, his early days in cybersecurity, and today’s AI-driven landscape. From productivity hacks like meeting transcription, to creative tools like content-aware editing, to the dark side of phishing and deepfakes, Ron shows why human judgment remains the ultimate defense. This is a passionate reminder that the real power isn’t in the tools, it’s in us. Impactful Moments 00:00 - Introduction 01:15 - AI is the tool, not the toolbox 03:00 - A grocery store scam that taught a life lesson 06:00 - The irreplaceable role of human judgment 07:30 - First cybersecurity job at Booz Allen Hamilton 09:00 - How AI boosts productivity with meeting transcription 12:00 - Creative shortcuts with AI in image and video editing 15:00 - Vibe coding and generative red teaming 17:30 - AI-powered phishing and scam emails 18:50 - Testing a deepfake voice on Ron’s mom 21:30 - Why curiosity and skepticism beat AI deception 22:30 - Final challenge: don’t serve AI—make AI serve you Links: Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Aug 22min

Populärt inom Utbildning

historiepodden-se
rss-bara-en-till-om-missbruk-medberoende-2
det-skaver
alska-oss
nu-blir-det-historia
harrisons-dramatiska-historia
johannes-hansen-podcast
sektledare
allt-du-velat-veta
roda-vita-rosen
rss-sjalsligt-avkladd
not-fanny-anymore
polisutbildningspodden
sa-in-i-sjalen
vi-gar-till-historien
rss-npf-podden
rss-om-vi-ska-vara-arliga
rss-max-tant-med-max-villman
dumforklarat
rss-basta-livet