Blueprint: Build the Best in Cyber Defense
Episodes
The 2 AM Call: A Ransomware Negotiator's Playbook with Wade Gettle
09 Feb 2026
Contributed by Lukas
What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response. In this ep...
Infiltration Alert! How to Catch Fake IT Employees in Your Network with Zak Stufflebeam
05 Jan 2026
Contributed by Lukas
This episode is a big one! We kick off 2026 with a critical lessons learned on how to detec...
Leading by Example: Confidence and Responsibility in Cybersecurity with Zak Stufflebeam
19 Aug 2025
Contributed by Lukas
In this episode, we sit down with Zak Stufflebeam, Director of Cybersecurity at a publicly ...
From the SANS Cyber Leaders Podcast: Fighting Back with John Hubbard
27 Jun 2025
Contributed by Lukas
This podcast episode is from the SANS Cyber Leaders Podcast. The episode features Blueprint ...
Redefining Security Operations: Lessons in AI Integration with James Spiteri
12 Jun 2025
Contributed by Lukas
In this episode of Blueprint, host John Hubbard sits down with James Spiteri from Elastic t...
From Special Forces to Cybersecurity: Rich Greene on Communication and Persuasion in Infosec
09 Apr 2025
Contributed by Lukas
In this episode, we sit down with Rich Greene, a former United States Army Special Forces G...
SOC Dashboards Done Right with Ryan Thompson
18 Feb 2025
Contributed by Lukas
In this episode, we sit down with Ryan Thompson, a seasoned expert in building dashboards t...
Success Simplified - The 3 Step Process for Hitting Your Career Goals in 2025 with John Hubbard
01 Jan 2025
Contributed by Lukas
Surprise!! It's a mini solo episode to kick off the new year and it's on one of t...
How Phishing Resistant Credentials Work with Mark Morowczynski and Tarek Dawoud
02 Dec 2024
Contributed by Lukas
Mark Morowczynski returns for his 4th(!) time with his Microsoft coworker and identity and ...
How GenAI is Changing Your SOC for the Better with Seth Misenar
09 Oct 2024
Contributed by Lukas
In this mega-discussion with Seth Misenar on GenAI and LLM usage for security operations we...
From Clues to Containment - Unraveling A Gift Card Fraud Scheme with Mark Jeanmougin
09 Oct 2024
Contributed by Lukas
In this episode, we take you behind the scenes of a complex gift card fraud investigation. ...
Bonus Episode: What does it take to author a cybersecurity book?
03 Aug 2023
Contributed by Lukas
Have you ever wondered what it takes to write and publish an information security book? In ...
Strategy 11: Turn up the Volume by Expanding SOC Functionality
18 Jul 2023
Contributed by Lukas
"This final chapter of the book is no simple closer! "Turn Up the Volume by Expan...
Strategy 10: Measure Performance to Improve Performance
10 Jul 2023
Contributed by Lukas
"Metrics, is there any more confusing and contentious topic in cybersecurity? In this ...
Strategy 9: Communicate Clearly, Collaborate Often, Share Generously
05 Jul 2023
Contributed by Lukas
"Research has shown that communication is one of the most important factors for succes...
Strategy 8: Leverage Tools and Support Analyst Workflow
26 Jun 2023
Contributed by Lukas
Tool choice can be a make-or-break decision for security analysts, driving whether getting ...
Blueprint Live at the SANS Blue Team Summit 2023
22 Jun 2023
Contributed by Lukas
In this special live recording from the SANS Blue Team Summit 2023, Kathryn Knerler, Ingrid...
Strategy 7: Select and Collect the Right Data
19 Jun 2023
Contributed by Lukas
There's no denying that the average security team is completely overwhelmed with optio...
Strategy 6: Illuminate Adversaries with Cyber Threat Intelligence
12 Jun 2023
Contributed by Lukas
Every security team has limited budget and time, how do you know where to focus? Cyber Thre...
Strategy 5: Prioritize Incident Response
05 Jun 2023
Contributed by Lukas
No security team is perfect, so in this episode, authors Carson, Ingrid, and Kathryn discus...
Strategy 4: Hire AND Grow Quality Staff
29 May 2023
Contributed by Lukas
In this episode we dive deep on the "People" factor of the SOC. Who should you hi...
Strategy 3: Build a SOC Structure to Match Your Organizational Needs
22 May 2023
Contributed by Lukas
In this episode we discuss how to decide on the right org structure and capabilities of you...
Strategy 2: Give the SOC the Authority to Do Its Job
15 May 2023
Contributed by Lukas
Though a SOC is responsible for protecting your organization's assets, it is not the o...
Strategy 1: Know What You Are Protecting and Why
08 May 2023
Contributed by Lukas
As the saying goes, "If you don't know where you're going, any road will tak...
11 Strategies of a World-Class Security Operations Center: Fundamentals
08 May 2023
Contributed by Lukas
Welcome to a brand new season of Blueprint! In this intro episode we discuss "Fundamen...
Get Ready, A Very Special Season 4 Is On the Way!
01 May 2023
Contributed by Lukas
Hello Blueprint listeners! We're excited to announce that the release of season 4 of Blue...
Brandon Evans: Cloud Security - Threats and Opportunities
13 Sep 2022
Contributed by Lukas
Ever wonder how a cloud and application security expert views risks of cloud workloads? Wel...
Joe Lykowski: Building a Transparent, Data-Driven SOC
06 Sep 2022
Contributed by Lukas
In this episode we speak with Joe Lykowski - Cyber Defense Lead at a major manufacturing co...
Rob Lee: Training and Reskilling in Cyber Security
30 Aug 2022
Contributed by Lukas
Many of us are either looking to start a cyber security career, improve our knowledge and s...
Jaron Bradley: Securing Enterprise macOS
23 Aug 2022
Contributed by Lukas
In this episode of the Blueprint Podcast, we cover monitoring and securing macOS in an ente...
Alexia Crumpton: MITRE ATT&CK for Defenders
16 Aug 2022
Contributed by Lukas
One of the best frameworks that showed up within the last 5 or so years is undoubtedly the ...
Cat Self: macOS and Linux Security
09 Aug 2022
Contributed by Lukas
Ever wonder why there's so little information regarding macOS and Linux-oriented attacks?...
Corissa Koopmans and Mark Morowczynski: Azure AD Threat Detection and Logging
02 Aug 2022
Contributed by Lukas
Nearly every organization is using Microsoft Azure AD services in some respect, but monitor...
Tony Turner: Securing the Cyber Supply Chain
26 Jul 2022
Contributed by Lukas
John and Fortress Vice President of Research and Development Tony Turner share their wisdom...
Mark Orlando: Building a Stronger Blue Team
19 Jul 2022
Contributed by Lukas
There are many technical factors that contribute to the success of a security operations te...
Blueprint Live at SANSFIRE 2022: A panel with Heather Mahalik, Katie Nickels and Jeff McJunkin
14 Jul 2022
Contributed by Lukas
Host John Hubbard, Blueprint host and SANS Cyber Defense Curriculum Lead, moderated a panel...
David Hoelzer: Threat Detection with Machine Learning and AI
12 Jul 2022
Contributed by Lukas
Many of us with the typical IT and security backgrounds might not have the slightest idea w...
James Rowley: Creating and Running an Insider Threat Program
12 Jul 2022
Contributed by Lukas
While malicious insiders are a threat that most of us would like to imagine we might never ...
Dean Parsons: Cyber Security for OT and ICS
12 Jul 2022
Contributed by Lukas
With ransomware and other highly disruptive attacks on the rise, there are few systems more...
John Hubbard: Your Top Cyber Defense Questions Answered from Seasons 1 + 2
01 Jul 2022
Contributed by Lukas
It's a special mailbag episode from John Hubbard! After two seasons, John asked the li...
John Hubbard: Key lessons and takeaways from Blueprint Season 2 + A Special Announcement!
08 Jun 2021
Contributed by Lukas
In this solo episode to wrap up season 2, John discusses some of the key takeaways from the...
Mark Morowczynski & Thomas Detzner: Microsoft Incident Response Playbooks
01 Jun 2021
Contributed by Lukas
We all need solid, well thought-out playbooks to help standardize our response to common thre...
AJ Yawn: Cloud, Compliance and Automating Security
25 May 2021
Contributed by Lukas
Compliance and audit checks can be painful, and that's before you introduce additional...
Jamie Williams: Adversary Emulation
18 May 2021
Contributed by Lukas
There are numerous ways to test your SOC's detection and prevention capabilities, but ...
Josh Johnson: PowerShell and Defensive Automation for the Blue Team
11 May 2021
Contributed by Lukas
PowerShell may seem intimidating, but it can be one of the most amazing and useful tools at...
Chris Baker: Get A Handle On Your Vulnerabilities
04 May 2021
Contributed by Lukas
This episode is all about vulnerability management - both the technical and human aspects. ...
Mick Douglas & Flynn Weeks: Simplifying your Logging Strategy with the What2Log Project
27 Apr 2021
Contributed by Lukas
A common question from many defenders is "Which logs are the most important?" In thi...
Anton Chuvakin: The Current State and Future of Security Operations
20 Apr 2021
Contributed by Lukas
In today's episode, John is joined by Anton Chuvakin to discuss current and future securi...
Rob van Os: Maturing your Cyber Defense
13 Apr 2021
Contributed by Lukas
Are you a manager looking to build or improve your SOC? Are you trying to understand how to...
AppSec, DevOps and DevSecOps
06 Apr 2021
Contributed by Lukas
What is AppSec, DevOps and DevSecOps? In this episode we discuss why defenders should know ...
Playbook for Security Onion
30 Mar 2021
Contributed by Lukas
Driving consistency and maintaining a high standard for alert response is a problem all SOC...
The Blue Teamer's Blueprint for Malware Triage
30 Mar 2021
Contributed by Lukas
Even if you're not a malware analyst, any blue teamer should be able to do some initia...
SOC Metrics: Measuring Success and Preventing Burnout
30 Mar 2021
Contributed by Lukas
Looking for a new way to approach the difficult problem of measuring and improving your SOC...
A Machine Learning Primer for the Blue Team
11 Aug 2020
Contributed by Lukas
Austin Taylor discusses the promise and reality of cyber security-centric data science, and...
Empowering Security Researchers Around the World!
04 Aug 2020
Contributed by Lukas
Roberto Rodriguez explains the awesome projects and initiatives he is working on to help bl...
Locking Down and Monitoring Cloud Infrastructure
28 Jul 2020
Contributed by Lukas
Cloud expert Kyle Dickinson discusses common cloud infrastructure attacks, and how you can ...
Passwordless - Can it Be Done?
21 Jul 2020
Contributed by Lukas
Mark and Libby share the new technologies in use at Microsoft to dramatically decrease the ...
Training Yourself in a Quarantined World
14 Jul 2020
Contributed by Lukas
Dave and Ryan speak with John about resources for training yourself, and the challenges of ...
Understanding and Applying Threat Intelligence
07 Jul 2020
Contributed by Lukas
Katie Nickels talks about what threat intelligence is, where to get it, what you should exp...
Privacy Laws: The Future Driver of Cyber Security
30 Jun 2020
Contributed by Lukas
Mary Chaney shares what types of laws we should be concerned about. She discusses her thoug...
Creativity and Choices: Talking About Thinking
23 Jun 2020
Contributed by Lukas
Chris Sanders and Stef Rand discuss qualitative research they conducted on how to use diver...
Shock to the System: Re-Evaluating Your Security Operations
16 Jun 2020
Contributed by Lukas
In our very first guest interview with Mark Orlando, John asks Mark questions to help us re...
The Art of Blue Teaming
16 Jun 2020
Contributed by Lukas
Hear host John Hubbard share info on his background, his inspiration and goals for this pod...
Introducing Blueprint
09 Jun 2020
Contributed by Lukas
Blueprint brings you the latest in cyber defense and security operations from top blue team...