It doesn't matter if you don't have a lot of teaching experience as long as you are well-spoken. I'll work with you and teach you principles of curriculum design and adult learning to help turn your expertise into effective learning content.
Here are some comments from a few of our course authors who I've worked with during this process so far.
At the end of the day, you can wind up with a course you're proud of that helps a lot of people and advances your career. You'll also develop teaching skills as a part of this by working directly with me. It's a lot of work, but it's a fun process.
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
As one of my last doctoral coursework presentations, I spent time talking to my colleagues about the ethical dilemmas surrounding offensive security tool release. The outsider input was fascinating. Here's a thread to share some of that... 1/
Now keep in mind, my colleagues here are primarily educators. K-12 and university teachers, administrators, educational researchers, and so on. A few industry-specific education people as well, but none from infosec like me. 2/
My goal was to present the issue, explain why it was an ethical dilemma, and collectively discuss ethical perspectives that could influence decision-making. I withheld any of my opinions to let them form their own but gave lots of examples of OSTs and their use. 3/
Although I had met Alan, I didn't know him well. However, his signature hangs on my wall as part of the SANS Difference Makers award he had a hand in awarding me in 2018. 1/
From what I know of him, he was a big part of making sure this award existed because he believed that we should use technology to make people's lives better, and a lot of his life was committed to that idea. I think that's a sentiment most of us can get behind. 2/
When we think of people whose contributions shaped the state of education in computer security, Alan is likely in the top portion of that list. When you consider the transformative power of education on people's lives, it's easy to see how many people he impacted in some way. 3/
I think one of the best 1-2 punches we've got going right now is our CyberChef course + our RegEx course. I consider both pretty necessary skills for analysts of multiple sorts (SOC, IR, and Malware RE).
CyberChef is maybe my most used tool in investigations these days other than the SIEM or a terminal. That course gives you a taste of regex but then the RegEx course makes you comfortable there. You also get a free copy of RegEx Buddy with that course.
You also get the strong 1-2 punch of Matt's Australian accent and Darrel's British accent π
Some of the work I'm most proud of from my time at Mandiant was pioneering the building of investigative actions *into detection signatures* as they were written. This had profound impact across the detection and product teams, and made the tool so much more accessible.
We included two main components: a plain English version of the question that the analyst needed to answer, and the search syntax that would provide data to answer the question. It manifested in the UI as something I named "Guided Investigations".
This helped detection engineers write much better signatures because they had to think more deliberately about the consumer of the alerts (the analyst). It led to higher quality detection logic and clearer metadata, including rule descriptions.
A nice, concise table from the @codeorg State of CS Ed report this year showing the adoption of the 9 key CS policies at the individual state level.
How does your state rank there? Are you surprised by any of it?
Here are the 9 policies referenced in the table. The Code.org advocacy coalition recommends these things be in place at a state level to make computer science a fundamental part of the state's education system.
Basically, there's a lot more to getting CS in schools than the state govt telling districts to do it or making a requirement. There needs to be curriculum and goals, teachers need to be trained and certified (pre and in-service), and all that has to be paid for and coordinated.
There are a lot of ways that folks distinguish between blue team roles. My focus is on investigative work and cognitive skills, so I divide those roles into the mental model shown in this diagram. 1/
The primary characteristic that distinguish these investigative roles is their common place in the incident identification and response process. You might be familiar with that process acronym of PICERL, but it appears in many forms: csrc.nist.gov/publications/dβ¦. 2/
In the diagram, the functional portion of the PICERL process is at the top. Each role is listed below that with where it typically fits in relative to those phases. Preparation and Lessons Learned phases are excluded since those are pre and post-investigation steps. 3/