What are the essential differences between the perspectives of the NOC analyst and the SOC Analyst? Hint: It's not tech. The question gets to the essence of security.

Ptacek & Newsham's paper is a perennial favorite of mine: Insertion, Evasion, And Denial Of Service: Eluding Network Intrusion Detection ≈ Packet Storm (packetstormsecurity.com)

A Philosophical Perspective on Trust, Dan Geer: http://geer.tinho.net/geer.issa.trust.18i05.PDF

For discussion in this any various other topics: https://discord.gg/B3gVRya2gn

For event announcements: https://www.linkedin.com/company/nearshore-cyber/events/

I talk about 2 questions here:

What is Threat Hunting?

What approach do you prefer?

Most candidates are going to come up empty-handed. But not all.

Introducing the PEAK Threat Hunting Framework | Splunk

TaHiTI - Dutch Payments Association (betaalvereniging.nl)

Intro to my course on Threat Hunting: https://youtu.be/tiKScGzBm-Y?si=w6O5wuZ7CZkVHAhH

This one is about disrupting the candidate's thinking slightly. Also, it can tell me if the candidate has been in a SOC.

• https://www.isaca.org/resources/isaca-journal/issues/2017/volume-6/assurance-across-the-three-lines-a-collaborative-defense
• Building a Cyber Risk Management Program

To join the Nearshore Cyber Discord: https://discord.gg/zxG5uyYwqg