John Hubbard - At the end of the SEC450 course, what do students come away with?

They're hopefully coming away with a new perspective on how to look at the world as an analyst. A lot of people come in understanding what DNS is and what HTTP is, and maybe a passing familiarity with how it works on the inside. But I want to give them that view of an analyst who has been doing this for years. And say, "Okay this is what I should be looking for in these protocols to say, this is something odd and not normal." You have to know normal to understand what un-normal is, right? So that's one of the things.
I also want to make sure people know how all the data …

--

Learn more about John Hubbard and the SANS SEC450 Blue Team Fundamentals course:
SEC450 course page:
John Hubbard’s bio:
Connect with John on Twitter: twitter.com/SecHubb

sans institute,sans sec450,sec450,blue team fundamentals,john hubbard,cybersecurity,cyber security,cybersecurity training,security operations,soc,infosec,