[138] How to Become the Go-To Threat Operations Expert for MSPs

In this episode of TubbTalk, Richard speaks to Dray Agha, UK Operations Manager for cybersecurity experts Huntress.

Dray tells Richard how he got started in the IT industry while he was still a kid, and how he ended up at Huntress. They discuss the workplace culture at the company and what makes them different.

Dray describes the Huntress experience for MSPs and how they support their clients with three key cybersecurity challenges. They also dig into SOC – what, if any, difference there is between it and managed security platforms, and why you might want to outsource your SOC.

Dray tells Richard why outsourcing isn’t a bad thing, and why overseas suppliers can have a positive impact on your business, but also talks through the steps if you decide you want to build your own internal security system.

Richard asks Dray to explain the terms ‘offensive security' and ‘persistent foothold’, why defensive security is both exciting and frustrating, and how Huntress respond to client security breaches.

Finally, Dray shares the biggest change he’s seen in the industry since he started, who his mentors and influences are, both professionally and personally, and his best resources for staying up to date with the cybersecurity industry.

Mentioned in This Episode

• Product Labs
• The Tech Tribe
• Cisco
• Windows event forwarding
• Windows event collector
• Blog: Defense Evasion: Defenders Strike Back!
• Splunk
• Elasticsearch
• OpenSearch
• Huntress/Kyle Hanslovan on YouTube
• Andrew Thompson Mandiant Intelligence
• Lockheed Martin Cyber Kill Chain
• MITRE ATT&CK
• Book: Jaime Levy: UX Strategy
• Mark Gould
• Book: Harlan Carvey: Windows Registry Forensics
• John Fitzpatrick, MWR Infosecurity
• Darknet Diaries
• GreyNoise
• Huntress Tradecraft Tuesday
• Huntress free trial

Mentioned in this episode:

Get MSP Insights every Tuesday

Every Tuesday I share my thoughts on the business of IT with you, the Managed Services community. Thousands of Managed Service Providers already subscribe to MSP Insights. It’s easy to sign up, easy to cancel. MSP Insights is basically a short email from me, every Tuesday without fail, with advice on growing your IT business, plus cool resources I’ve found, discovered or starting exploring that week. It’s kind of like my diary of cool things, and often includes articles or books I’ve read, tools I’ve discovered, and events I think you’d be interested in, often sent to me by my friends and TubbTalk podcast guests. So, if that sounds fun, a short, tiny bite of MSP goodness every Tuesday, and you’d like to try it out, just go to https://go.tubb.co/tuesday, drop in your email and you’ll get the very next one.