I just stumbled across this video. I just started watching it but you hit it right on the head at the begining about SOC analyst missing core skills. I been working in a SOC as a SOC analyst for last 5 years. I came into this job straight from getting my AS in CIS which was concentrated in Networking Administration. I landed this job and fell in love with security. I no longer wanted to do networking but focus on sharpening my security skills but feel the networking gave me a solid foundation to build upon. I totaly understand about missing some skills as security was not my background but I have since come a long way and I am continuing to learn. I now want to get away from Blue Team and want to transition to Red Team eventually but I have a lot to learn before I can do that. I feel like I am at the bottom of Mt. Everest looking up even with 5years under my belt. I will not give up though and will continue to work at sharpening my skills.
Liked the comment "Because the spice must flow" from an infosec IR graybeard. Known-knowns, known-unknowns, unknown-knowns, and unknown-unknowns are primarily where your getting breached. Know normal to identify anomalous. Keep it up BHIS. Your sucking less at capitalism everyday.
I would like to thank you, Black Hills team for sharing your knowledge, I really appreciated that webcast the most. I was looking for advice how is it to be an analyst because I feel what I do as an analyst is not enough. I see all those mistakes in the company where I work. As an analyst I don't understand that some things you teach about it are not implemented. They are basic things and when I ask questions about that at work I just receive that our company is different and we can't implement that. Now I know those are common mistakes companies do.
John Strand - I love that you have pointed out how essential it still is to RTFM. So many questions can be answered simply by reading the documentation. This video is another excellent resource and I'm grateful for it.
probably worth mentioning to new analysts that sigma rule autotranslate doesn’t work well for kql, and you’ll wanna actually understand what’s IN a sigma rule, and how to write kql queries, to translate the rules yourself. not a big ask, but bears knowing
Really good talk, more actionable than so many you find online! The cybersecurity/IT field is so vast, as a beginner it's very very easy to get overwhelmed - there's literally an infinite amount to learn. So thank you for the specific recommendations. Although to run the latest version of Security Onion you basically need a dedicated device :(
Thanks for this great video. I've watched it twice to make a checklist for me and my team to review so we can work on strengthening our understanding of the fundamentals. Hopefully some of us can attend the 4-day class in December.
Im literally taking notes on this video. Stuck in a govt agency position where I'm not using my University degree and practices of applications is scarce with amount of work time
I read about you(J.S) in "tribe of hackers: red teaming" I watched a few videos and I gotta say I am impressed by your insight, experience and methods. I love learning and love your channel!
I just stumbled across this video. I just started watching it but you hit it right on the head at the begining about SOC analyst missing core skills. I been working in a SOC as a SOC analyst for last 5 years. I came into this job straight from getting my AS in CIS which was concentrated in Networking Administration. I landed this job and fell in love with security. I no longer wanted to do networking but focus on sharpening my security skills but feel the networking gave me a solid foundation to build upon. I totaly understand about missing some skills as security was not my background but I have since come a long way and I am continuing to learn. I now want to get away from Blue Team and want to transition to Red Team eventually but I have a lot to learn before I can do that. I feel like I am at the bottom of Mt. Everest looking up even with 5years under my belt. I will not give up though and will continue to work at sharpening my skills.
'scuse the hyperbole, but this is the kinda talk that can change someone's life. john is always so ON POINT.
1:12:57 that really Hit Home 👍 so true
Are the slides not available to the public?
Liked the comment "Because the spice must flow" from an infosec IR graybeard. Known-knowns, known-unknowns, unknown-knowns, and unknown-unknowns are primarily where your getting breached. Know normal to identify anomalous. Keep it up BHIS. Your sucking less at capitalism everyday.
when the video opened and the music played, I don't know why but I was waiting for someone to say " I'm BatMaN..."
Sending all my students your way for the December class; thanks so much for all y'all do!
Where are all the cybersecurity jobs at though? He said they were pulling people off the streets yet i cant seem to find an entry level job😭
Mr. Strand appreciate the Dune reference. Just don't hear those anymore.
Thank you very much John for sharing this!
I would like to thank you, Black Hills team for sharing your knowledge, I really appreciated that webcast the most. I was looking for advice how is it to be an analyst because I feel what I do as an analyst is not enough. I see all those mistakes in the company where I work. As an analyst I don't understand that some things you teach about it are not implemented. They are basic things and when I ask questions about that at work I just receive that our company is different and we can't implement that. Now I know those are common mistakes companies do.
Funny and informative!
As a security analyst. I approve this message.
John Strand - I love that you have pointed out how essential it still is to RTFM. So many questions can be answered simply by reading the documentation. This video is another excellent resource and I'm grateful for it.
This resonates with me so much. I'm drowning right now and can't spell "syber".
this help me a lot , thanks
probably worth mentioning to new analysts that sigma rule autotranslate doesn’t work well for kql, and you’ll wanna actually understand what’s IN a sigma rule, and how to write kql queries, to translate the rules yourself. not a big ask, but bears knowing
loved this! ty!
This is so cool!
Really good talk, more actionable than so many you find online! The cybersecurity/IT field is so vast, as a beginner it's very very easy to get overwhelmed - there's literally an infinite amount to learn. So thank you for the specific recommendations. Although to run the latest version of Security Onion you basically need a dedicated device :(
Thanks for this great video. I've watched it twice to make a checklist for me and my team to review so we can work on strengthening our understanding of the fundamentals. Hopefully some of us can attend the 4-day class in December.
extrahop was pretty slick.. .not gonna lie. but that was 2 years ago when I was working with it.. That was visibility for sure..
Im literally taking notes on this video. Stuck in a govt agency position where I'm not using my University degree and practices of applications is scarce with amount of work time
Can we still find these slides somewhere? This was an awesome webcast and I'm really excited to follow those links!
Preach John Preach! I'm Ready!
May the force be with yah!
I understand the reference
Gamer machine in the background !
I can listen to John all day man lol
Great tips at 20:28
BHIS = value add
Inspiring Presentation!
I read about you(J.S) in "tribe of hackers: red teaming" I watched a few videos and I gotta say I am impressed by your insight, experience and methods. I love learning and love your channel!