jstoner's Bio

I provide security domain expertise on security operations, threat hunting, detection engineering and response. Additionally, I blog about security operations and threat hunting, currently through the New to Chronicle series on https://chronicle.security/blogs. Part of my time is spent creating and developing workshops intended to provide practitioners the opportunity to broaden their skills within SecOps. I also speak at industry symposia including BSides; Vegas and SF; DefCon Packet Hacking Village; FIRST and FIRST Technical Colloquium Amsterdam; SANS THIR, DFIR, Cloud Security Summit and SIEM Summit; Way West Hacking Fest, WiCyS, AISA, Splunk .conf and Google Cloud NEXT. Prior to coming to Google, I was at Splunk and before that ArcSight. I was an APT scenario creator for a Blue Team CTF and can be found on Threads, Bluesky and Mastodon - Infosec Exchange with the same handle as on XTwitter, I just haven't found a permanent home yet.