All Episodes

Displaying 21 - 40 of 130 in total

Episode 21: Infrastructure Concepts in Modern SOCs

Today’s IT environments are complex ecosystems that include virtual machines, containers, and serverless platforms. In this episode, we demystify these infrastructure ...

Episode 22: Network Architecture Design and Segmentation

Networks are the circulatory system of any digital environment, and securing them is a fundamental responsibility of the cyber analyst. This episode walks through vari...

Episode 23: Identity and Access Management Models

Authentication and authorization form the frontline of defense in every digital environment. In this episode, we explore key identity and access management (IAM) conce...

Episode 24: Encryption and Traffic Security Monitoring

Encryption plays a dual role in cybersecurity—protecting data confidentiality and creating blind spots in visibility. In this episode, we examine how public key infras...

Episode 25: Sensitive Data Handling in the Enterprise

Protecting sensitive data is one of the most urgent and regulated responsibilities in cybersecurity. This episode focuses on the tools and practices analysts use to de...

Episode 26: Network-Based Indicators of Malicious Activity

Your network is constantly broadcasting signals—some of them benign, some of them suspicious. In this episode, we examine network-level indicators that can reveal mali...

Episode 27: Host-Based Indicators of Malicious Activity

While the network tells you what’s coming and going, the host shows you what’s actually happening. In this episode, we explore host-level indicators of compromise—from...

Episode 28: Application Behavior and Anomaly Detection

Applications are often targeted directly by attackers—or exploited indirectly through user interaction. In this episode, we focus on indicators of compromise at the ap...

Episode 29: Social Engineering and Obfuscation Detection

Not all threats come from code—many come from people. This episode explores how attackers use social engineering tactics to bypass technical defenses, trick users, and...

Episode 30: Network Capture and Traffic Inspection Tools

Being a strong analyst means being comfortable working with packets, flows, and raw network data. In this episode, we explore the tools analysts use for network captur...

Episode 31: Log Correlation and Orchestration Platforms (SIEM/SOAR)

Security Information and Event Management (SIEM) systems are the heart of modern detection and alerting. In this episode, we explore how SIEMs collect, correlate, and ...

Episode 32: Endpoint Detection and Response Systems (EDR)

When malware strikes or an insider behaves maliciously, the endpoint is where the evidence lives. In this episode, we dig into Endpoint Detection and Response (EDR) pl...

Episode 33: DNS and IP Intelligence Sources

DNS and IP addresses may seem simple at first glance, but they’re powerful resources for cyber defense—if you know how to use them. In this episode, we explore how ana...

Episode 34: Static File Inspection Tools

Some threats are obvious in logs—others hide in files. In this episode, we introduce static file analysis tools and techniques that allow analysts to inspect suspiciou...

Episode 35: Dynamic Malware Analysis Platforms (Sandboxing)

When static analysis doesn’t provide clear answers, analysts turn to sandboxing—isolated environments where suspicious files can be safely executed and observed. In th...

Episode 36: Common Detection Techniques in the SOC

Detecting threats isn’t just about having the right tools—it’s about applying the right techniques. In this episode, we cover the core detection methods used in securi...

Episode 37: Pattern Recognition and Command Analysis

Threat actors often reuse specific commands, tactics, and patterns of behavior—and analysts learn to recognize those patterns quickly. In this episode, we take a close...

Episode 38: Suspicious Command Interpretation

Sometimes a single command is all it takes to compromise a system—but recognizing the danger isn’t always easy. This episode focuses on how to interpret suspicious com...

Episode 39: Email Analysis for Phishing and Spoofing

Phishing remains one of the most common and effective attack vectors—and analysts are often the last line of defense. In this episode, we walk through how to analyze s...

Episode 40: Hashing and File Integrity Techniques

When a file changes unexpectedly, something important may have happened—and hashing is one of the best tools we have to track it. In this episode, we explain how file ...