John Strand - I love that you have pointed out how essential it still is to RTFM. So many questions can be answered simply by reading the documentation. This video is another excellent resource and I'm grateful for it.
I just stumbled across this video. I just started watching it but you hit it right on the head at the begining about SOC analyst missing core skills. I been working in a SOC as a SOC analyst for last 5 years. I came into this job straight from getting my AS in CIS which was concentrated in Networking Administration. I landed this job and fell in love with security. I no longer wanted to do networking but focus on sharpening my security skills but feel the networking gave me a solid foundation to build upon. I totaly understand about missing some skills as security was not my background but I have since come a long way and I am continuing to learn. I now want to get away from Blue Team and want to transition to Red Team eventually but I have a lot to learn before I can do that. I feel like I am at the bottom of Mt. Everest looking up even with 5years under my belt. I will not give up though and will continue to work at sharpening my skills.
Liked the comment "Because the spice must flow" from an infosec IR graybeard. Known-knowns, known-unknowns, unknown-knowns, and unknown-unknowns are primarily where your getting breached. Know normal to identify anomalous. Keep it up BHIS. Your sucking less at capitalism everyday.
Thanks for this great video. I've watched it twice to make a checklist for me and my team to review so we can work on strengthening our understanding of the fundamentals. Hopefully some of us can attend the 4-day class in December.
I would like to thank you, Black Hills team for sharing your knowledge, I really appreciated that webcast the most. I was looking for advice how is it to be an analyst because I feel what I do as an analyst is not enough. I see all those mistakes in the company where I work. As an analyst I don't understand that some things you teach about it are not implemented. They are basic things and when I ask questions about that at work I just receive that our company is different and we can't implement that. Now I know those are common mistakes companies do.
Really good talk, more actionable than so many you find online! The cybersecurity/IT field is so vast, as a beginner it's very very easy to get overwhelmed - there's literally an infinite amount to learn. So thank you for the specific recommendations. Although to run the latest version of Security Onion you basically need a dedicated device :(
I read about you(J.S) in "tribe of hackers: red teaming" I watched a few videos and I gotta say I am impressed by your insight, experience and methods. I love learning and love your channel!
Im literally taking notes on this video. Stuck in a govt agency position where I'm not using my University degree and practices of applications is scarce with amount of work time
probably worth mentioning to new analysts that sigma rule autotranslate doesn’t work well for kql, and you’ll wanna actually understand what’s IN a sigma rule, and how to write kql queries, to translate the rules yourself. not a big ask, but bears knowing
'scuse the hyperbole, but this is the kinda talk that can change someone's life. john is always so ON POINT.
John Strand - I love that you have pointed out how essential it still is to RTFM. So many questions can be answered simply by reading the documentation. This video is another excellent resource and I'm grateful for it.
Preach John Preach! I'm Ready!
Sending all my students your way for the December class; thanks so much for all y'all do!
May the force be with yah!
Thank you very much John for sharing this!
I just stumbled across this video. I just started watching it but you hit it right on the head at the begining about SOC analyst missing core skills. I been working in a SOC as a SOC analyst for last 5 years. I came into this job straight from getting my AS in CIS which was concentrated in Networking Administration. I landed this job and fell in love with security. I no longer wanted to do networking but focus on sharpening my security skills but feel the networking gave me a solid foundation to build upon. I totaly understand about missing some skills as security was not my background but I have since come a long way and I am continuing to learn. I now want to get away from Blue Team and want to transition to Red Team eventually but I have a lot to learn before I can do that. I feel like I am at the bottom of Mt. Everest looking up even with 5years under my belt. I will not give up though and will continue to work at sharpening my skills.
Liked the comment "Because the spice must flow" from an infosec IR graybeard. Known-knowns, known-unknowns, unknown-knowns, and unknown-unknowns are primarily where your getting breached. Know normal to identify anomalous. Keep it up BHIS. Your sucking less at capitalism everyday.
Thanks for this great video. I've watched it twice to make a checklist for me and my team to review so we can work on strengthening our understanding of the fundamentals. Hopefully some of us can attend the 4-day class in December.
I would like to thank you, Black Hills team for sharing your knowledge, I really appreciated that webcast the most. I was looking for advice how is it to be an analyst because I feel what I do as an analyst is not enough. I see all those mistakes in the company where I work. As an analyst I don't understand that some things you teach about it are not implemented. They are basic things and when I ask questions about that at work I just receive that our company is different and we can't implement that. Now I know those are common mistakes companies do.
As a security analyst. I approve this message.
Really good talk, more actionable than so many you find online! The cybersecurity/IT field is so vast, as a beginner it's very very easy to get overwhelmed - there's literally an infinite amount to learn. So thank you for the specific recommendations. Although to run the latest version of Security Onion you basically need a dedicated device :(
Funny and informative!
this help me a lot , thanks
loved this! ty!
This is so cool!
1:12:57 that really Hit Home 👍 so true
I read about you(J.S) in "tribe of hackers: red teaming" I watched a few videos and I gotta say I am impressed by your insight, experience and methods. I love learning and love your channel!
Great tips at 20:28
I can listen to John all day man lol
Can we still find these slides somewhere? This was an awesome webcast and I'm really excited to follow those links!
Im literally taking notes on this video. Stuck in a govt agency position where I'm not using my University degree and practices of applications is scarce with amount of work time
Inspiring Presentation!
This resonates with me so much. I'm drowning right now and can't spell "syber".
extrahop was pretty slick.. .not gonna lie. but that was 2 years ago when I was working with it.. That was visibility for sure..
Are the slides not available to the public?
Gamer machine in the background !
when the video opened and the music played, I don't know why but I was waiting for someone to say " I'm BatMaN..."
Where are all the cybersecurity jobs at though? He said they were pulling people off the streets yet i cant seem to find an entry level job😭
I understand the reference
probably worth mentioning to new analysts that sigma rule autotranslate doesn’t work well for kql, and you’ll wanna actually understand what’s IN a sigma rule, and how to write kql queries, to translate the rules yourself. not a big ask, but bears knowing
Mr. Strand appreciate the Dune reference. Just don't hear those anymore.
BHIS = value add