Our guest today is Denver Durham. He’s a threat intelligence consultant at Recorded Future, with a background in the U.S. Army as an intelligence analyst, working in signals intel and all-source intel supporting counterterrorism,and later in the private sector in a SOC (security operations center) as a cyber threat analyst, performing attribution and analytics.

On today’s show, he takes us through what he believes are some of the most relevant questions for a SOC analyst, including collecting and prioritizing indicators of compromise, handling news feeds, managing firewall alerts, and performing trend analysis. We’ll learn about the types of reports a SOC analyst is likely to generate, how to make good use of some third-party rules, and he’ll share his advice for anyone considering a career as a SOC analyst.