Beyond the Alert
Beyond the Alert
Podcast Description
Beyond the Alert features security operations leaders and SOC professionals sharing battle-tested insights on scaling security capabilities, managing high-performing teams, and leveraging emerging technologies to transform their operations. Join us as we discuss investigation techniques, leadership strategies, and real-world approaches to delivering effective security outcomes in an increasingly complex environment.
Podcast Insights
Content Themes
The show explores themes such as scaling security capabilities, team management, and the integration of emerging technologies. Specific topics include the transition from traditional SOC operations to AI-driven methodologies, as exemplified in the episode with Tyler Martin discussing achieving 60-70% automation efficiency. Other episodes cover investigation techniques, the evolution of leadership strategies in security, and advanced AI guardrail techniques.
Beyond the Alert features security operations leaders and SOC professionals sharing battle-tested insights on scaling security capabilities, managing high-performing teams, and leveraging emerging technologies to transform their operations. Join us as we discuss investigation techniques, leadership strategies, and real-world approaches to delivering effective security outcomes in an increasingly complex environment.
When seven different responders and law firms were thrown into the same ransomware negotiation chat by a threat actor, Eder Ribeiro, Director of Global Incident Response at TransUnion, it became his framework for managing global incident response: map the data, map the people, and look as holistically as possible before acting. To do this, executive trust must be built long before the 3AM phone call requiring million-dollar decisions. Eder breaks down complex security issues “Barney style” and with empathy, remembering that instruction works best when adapted to how the audience receives it, not how the teacher wants to give it.
For emerging AI risks, he’s tracking prompt injection as the attack vector that creates a more linear path to data, particularly in enterprise bundle add-ons that sit in the gray zone between public tools and properly isolated solutions. When investigations spiral, he returns to “control the controllables,” reset without finger-pointing, and compress what should take weeks into days. His military-informed leadership philosophy centers on generating agency and freedom for his team, accepting that incident response inherently lacks balance and compensating through daily autonomy.
Topics Discussed:
- Learning holistic incident response through multi-responder ransomware coordination requiring collaboration
- Building executive trust through “Barney style” communication that adapts technical concepts to how leadership receives information
- Developing IR leaders through time-based training requiring exposure to diverse stakeholder reactions rather than seeking unicorn hires
- Mapping both data and people as critical incident response variables beyond traditional digital tooling and endpoint visibility
- Controlling the controllables during spiraling incidents by resetting without blame and compressing investigation timelines
- Tracking prompt injection as emerging AI attack vector creating linear data access paths through enterprise bundle add-ons
- Generating agency and freedom as leadership philosophy compensating for incident response’s inherent lack of work-life balance
- Retraining security awareness beyond grammar errors as AI-powered phishing eliminates traditional detection indicators
Listen to more episodes:
Disclaimer
This podcast’s information is provided for general reference and was obtained from publicly accessible sources. The Podcast Collaborative neither produces nor verifies the content, accuracy, or suitability of this podcast. Views and opinions belong solely to the podcast creators and guests.
For a complete disclaimer, please see our Full Disclaimer on the archive page. The Podcast Collaborative bears no responsibility for the podcast’s themes, language, or overall content. Listener discretion is advised. Read our Terms of Use and Privacy Policy for more details.