The Future of Security Operations

Today on the Future of Security Operations Podcast, Thomas is joined by Jack Naglieri, CEO of Panther Labs, a cloud-native SIEM platform that alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, and huge scalability with zero-ops. 
Topics discussed in this episode:
- The challenges Jack faced while working on security teams at organizations like Yahoo and Airbnb. 
- The difference between security at Yahoo and Airbnb. 
- The origin story of StreamAlert - the open-source tool Jack built while working at Airbnb. 
- How a VCs cold email eventually led to Jack founding Panther Labs and how they acquired their first customers. 
- How Panther is different from traditional SIEM platforms. 
- What you need to know about detection-as-code and security data lakes. 
- Why teams need to focus on security — not operations. 
- Lessons learned from Jack working closely with fast-growing sophisticated security teams that make up Panther’s customer base. 
- What security operations will look like in the future. 
- Why security teams must learn and embrace automation to deal with the challenges of cloud-scale security. 
- What features are coming next from Panther Labs. 
Resources mention on the episode: 
Jack’s podcast: Detection at Scale 
Jack’s blog post: From StreamAlert to Panther 
Jack’s keynote releasing StreamAlert: USENIX Enigma 2017 — StreamAlert: A Serverless, Real-time Intrusion Detection Engine
 

In our sixth episode of the Future of Security Operations Podcast, Thomas speaks with Niall Heffernan, Head of Security at Cygnvs, a former Senior Manager of Information Security at Informatica, and a Lecturer for BSc, HDIP, PGDip and MSc students studying in the Cyber Security streams at the National College of Ireland. 
Topics discussed in this episode:
Niall’s view on the current state of security operations and how it’s evolved over the past 5 years.
What’s top of mind for Niall as he begins building a security operations team from scratch. 
How to prioritize incidents and determining what detections can be ignored using automation. 
What most security practitioners get wrong when they embark on bringing the power of automation to their security program. 
Lessons that security can learn from software engineering. 
How security changes when an organization goes public and why the stakes become so high.  
What can be done to solve the security talent shortage gap.
Niall’s #1 piece of advice for security leaders and and practitioners. 
What’s in store for the future of security operations and why the traditional levels of security analysts will change. 

In our fifth episode of the Future of Security Operations Podcast, Thomas speaks with Dylan White, an Information Security Engineer at KnowBe4 — a leading security awareness training platform.
Topics Discussed: 
What KnowBe4 does and the problem they solve for organizations. 
The most common lures hackers are using today to trick users. 
Dylan’s favorite phishing test of all time — and why it was so effective.  
How to build a culture that takes responsibility for security and why leaders need to make it clear it’s okay if mistakes are made. 
How to make security more approachable for the entire organization.
The state of security automation today and why Dylan is so excited about endless possibilities that automation makes possible for security teams.
Manual and mundane tasks that Dylan’s been able to automate and free his team from spending (and wasting) their time on.  
How automation has made his team 5x more effective. 
What Dylan sees security practitioners get wrong about security automation. 
Dylan’s advice for security leaders and how they can set their teams up for success with automation.  
What’s in store for the future of security automation.

In our fourth episode of the Future of Security Operations Podcast,  Thomas speaks with Johannes Gilger— CEO and founder of urlscan, a URL and website scanner that enables users to take a look at the individual resources that are requested when a site is loaded. Prior to founding urlscan, Johannes was the managed the Threat Intelligence Automation team at CrowdStrike
Topics discussed in this episode:
What urlscan is and how it works.
Why Johannes founded urlscan and why he thinks the security community is so collaborative. 
Johannes journey that eventually led to founding urlscan and why he decided to leave Crowdstrike to focus his attention on urlscan. 
How automation transforms security investigations. 
What urlscan users get wrong about automation. 
The #1 piece of advice Johannes has for security operations teams getting started with automation. 
Tips for customer-facing brands to reduce their attack target size. 
What future security challenges will look like in the years ahead and how organizations can use automation to get prepared for what’s next.

In our third episode, we speak with Maxime Lamothe-Brassard — CEO and founder of LimaCharlie, a security infrastructure as a service tool that gives security teams full control over how they manage their security infrastructure. Maxime’s unique perspectives come from a career in security, including Canada’s NSA, Google, Arc4dia, and the early days of Crowdstrike. 
Topics discussed in this episode: 
The problem LimaCharlie solves. 
What endpoint hygiene means and lessons Maxime learned from working at Google. 
How Maxime describes the state of security today. 
Maxime’s philosophy for how cybersecurity products should be marketed and sold to customers. 
How small improvements can lead to major change over time. 
How better tools and great APIs can remove the “boring stuff” so security teams can focus on more exciting work. 
Where Maxime sees security headed in the future.

In our second episode, we speak with Elastic’s Product Marketing Director James Spiteri, an experienced security practitioner turned product marketer with a passion for making security accessible and easy for anyone and everyone. 
Topics discussed in this episode:
Why James joined Elastic four years ago. 
What Elastic is and the different use cases the company offers (Did you know every Netflix search uses their Elastic?). 
How James has seen security operations evolve over the years and why the industry still faces the same data problem it faced five years ago.  
What Elastic is doing to tackle analyst burnout and mental health including “shut it down days” two Fridays per month. 
How Elastic leverages the power of no-code security automation.  
The #1 piece of advice James has for security teams. 

The security world has undergone a seismic shift. What a few years ago seemed impossible like having a 100% remote team without a decrease in productivity, today is a reality. But what has been the cost?
Do I have a process in place or do I have one person that's holding a lot of the processes together? What other questions should leaders ask themselves to determine the state of security operations and the impact these are having on their teams?
In our first episode, we are joined by Lena Smart, CISO of MongoDB, an inspiring leader who enjoys building teams and models from scratch, not losing sight of one of the most pressing topics of our time: burnout.
Topics discussed in this episode:
How Lena became MongoDB's first CISO.
How she sees the state of security operations today.
What MongoDB does to address burnout and mental health issues in security teams.
What Lena advises to do to overcome burnout.
How to make security roles more accessible to minorities.
Advice for CISOs who are building a security program for the first time.
What security operations will look like in a few years' time.

Security teams are feeling burned out and overwhelmed. They are spending most of their time on alerts and tedious manual tasks, experiencing frustration and churn. 
How do you automate these mundane security work that analysts are drowning in?
The Future of Security Operations podcast is about empowering security operations teams and leaders and helping them remove the barriers that are preventing them from doing the high value strategic work that truly matters. 
Welcome to our podcast show where security leaders reimagine the future of security operations!