Implementing a Kick-Butt Training Program - Blue Team Go

Discover a framework for implementing an effective on-boarding and baseline training program for hands-on incident response roles in this conference talk from BSidesSF 2019. Learn how to develop strong responders for SOC and CIRT positions by addressing the challenges of staffing and skill development. Explore a flexible approach that can be deployed in multiple phases or as an intensive bootcamp-style training. Gain insights into experiential training methods that teach analysts the underlying principles and functionalities of their processes and tools. Understand the importance of equipping your blue team with comprehensive knowledge spanning company operations, SIEM, network forensics, host-based forensics, malware analysis, threat hunting, and intelligence work. Move beyond simple button-pushing to create analysts who truly grasp the intricacies of their tools, enabling them to effectively counter adversaries and red teams.

BSidesSF 2019 - Implementing a Kick-Butt Training Program: BLUE TEAM GO! (Ryan Chapman)