As Sr. Principal Engineer, Ismael Valenzuela (@aboutsecurity) is part of McAfee's senior technical leadership team, leading research on Security Operations and Threat Hunting using machine-learning and expert-system driven investigations. Author and contributor of numerous technical articles and open source tools, Ismael is also a regular speaker at International conferences and is one of the few Certified SANS Instructor for the Cyberdefense and Digital Forensics tracks.

Prior to his current role at McAfee, Ismael led the delivery of SOC, IR & Forensics services for the Foundstone Services team within Intel globally. A top cybersecurity expert with strong technical background and deep knowledge of security architectures and continuous monitoring as well as advanced attack and defense techniques, Ismael has provided security consultancy, advice and guidance to large government and private organizations, including major EU Institutions and US Government Agencies. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd. and founded one of the first security consultancies in Spain in 2000.

Ismael holds a Bachelor's degree in Computer Science from the University of Malaga (Spain), as well as numerous professional certifications, including the highly regarded GIAC Security Expert (GSE #132) and many others from GIAC, ISC2 and ISACA.

Twitter: https://twitter.com/aboutsecurity
SANS: https://www.sans.org/instructors/ismael-valenzuela
McAfee: https://securingtomorrow.mcafee.com/author/ismael-valenzuela/

Ismael Valenzuela Blog Feed

More from Ismael Valenzuela

Security Operations

Hacking Proprietary Protocols with Sharks and Pandas

The human race commonly fears what it doesn’t understand.  In a time of war, this fear is even greater if one side understands a weapon or technology that the other side does not.  There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world ...

Security Operations

6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign

1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an attack that was not incredibly sophisticated in its tactics, but rather used multiple semi-novel attack ...

Security Operations

SOCwise Series: Practical Considerations on SUNBURST

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do.  Although there’s been a lot of chatter about supply chain attacks, we’re going to ...

Security Operations

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Core to any organization is managing cyber risk with a security operations function whether it be in-house or outsourced. McAfee has been and continues their commitment to protecting cyber assets. We are dedicated to empowering security operations and with this dedication comes expertise and passion. Introducing SOCwise a monthly series ...

Endpoint Security

When Less is More – MVISION EDR Leads Detection Efficiency & Alert Quality

If you are an incident responder, a SOC analyst or a threat hunter, you know how a well-designed EDR solution can augment your visibility, detection, and reaction capabilities. However, in many organizations, a single blue teamer, or how we like to call them, an “all around defender,” may wear all these hats.  Even when all these roles are performed by the same person, ...

Security Operations

SOC vs MITRE APT29 evaluation – Racing with Cozy Bear

MITRE just released the results of the APT 29 evaluation of 21 commercial cybersecurity products today, including McAfee MVISION EDR. This evaluation, conducted in the form of a collaborative attack and defense exercise, is based on ATT&CK®, a freely available and open source knowledge base of adversary tactics and techniques ...

Endpoint Security

Response Required: Why Identifying Threats With Your EDR Isn’t Enough

The perpetrator was a master of disguise, outfitting himself as an employee to bypass the extensive preventive security controls and flee with the contents of the vault. Fortunately, the building was equipped with strong detection security measures, and the burglar—unaware of the location of a laser tripwire—soon set off a ...

Security Operations

McAfee Leads the Charge to Embrace and Expand the MITRE ATT&CK Framework

In October, I was privileged to attend the two-day MITRE ATT&CK™ conference, where participants and attendees voiced their support for the ATT&CK framework. The event, sponsored by McAfee, served as a forum for sharing insights and best practices for using ATT&CK as a way to describe and demystify the complexities ...

Enterprise

A Model for Human and Machine Interaction: Human-Machine Teaming Grows up

Security operation centers (SOCs) are struggling to keep up with attackers, and artificial intelligence (AI) has failed to deliver significant improvements. The industry has been successful at applying AI to malware detection and user and entity behavior analytics (UEBA) using deep neural networks and anomaly detection. But other core SOC ...

Enterprise

How Thinking Like an Attacker Makes You a Better Threat Hunter

In the race against cybercrime, like in a chess game, threat hunters are constantly trying to get one step ahead of the opponent, trying to predict what the next movement will be. Evidence suggests, however, that most organizations struggle to catch up with the pace, with their defenders (also commonly ...

Subscribe to McAfee Securing Tomorrow Blogs