As Sr. Principal Engineer, Ismael Valenzuela (@aboutsecurity) is part of McAfee's senior technical leadership team, leading research on Security Operations and Threat Hunting using machine-learning and expert-system-driven investigations. Author of and contributor to numerous technical articles and open source tools, Ismael is also a regular speaker at international conferences and is one of the few Certified SANS Instructors for the Cyber Defense and Digital Forensics tracks.

Prior to his current role at McAfee, Ismael led the global delivery of SOC, IR and Forensics services for the Foundstone Services team within Intel. A top cybersecurity expert with a strong technical background and deep knowledge of security architectures and continuous monitoring, as well as advanced attack and defense techniques, Ismael has provided security consultancy, advice and guidance to large government and private organizations, including major EU institutions and US government agencies. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd. and founded one of the first security consultancies in Spain in 2000.

Ismael holds a Bachelor's degree in Computer Science from the University of Malaga (Spain), as well as numerous professional certifications, including the highly regarded GIAC Security Expert (GSE #132) and many others from GIAC, ISC2 and ISACA.

Twitter: https://twitter.com/aboutsecurity
SANS: https://www.sans.org/instructors/ismael-valenzuela
McAfee: https://securingtomorrow.mcafee.com/author/ismael-valenzuela/

More from Ismael Valenzuela

Security Operations

McAfee Provides Max Cyber Defense Capabilities in MITRE’s Carbanak+FIN7 ATT&CK® Evaluation

Each year, MITRE Engenuity™ conducts independent evaluations of cybersecurity products to help government and industry make better decisions to combat security threats and improve industry’s threat detection capabilities. These evaluations are based on MITRE ATT&CK®, which is widely recognized as the de facto framework for tracking adversarial tactics and techniques. At ...

Security Operations

SOCwise Series: A Tale of Two SOCs with Chris Crowley

In a recent episode of McAfee’s SOCwise Series, guest security expert Chris Crowley revealed findings of his recent survey of security efforts within SOCs. His questions were designed to gain insight into all things SOC, including how SOCs can accomplish their full potential and how they assess their ability to keep up with security technology. Hosts Ismael Valenzuela and Michael ...

Security Operations

Hacking Proprietary Protocols with Sharks and Pandas

The human race commonly fears what it doesn’t understand. In a time of war, this fear is even greater if one side understands a weapon or technology that the other side does not. There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world ...

Security Operations

6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign

1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an attack that was not incredibly sophisticated in its tactics, but rather used multiple semi-novel attack ...

Security Operations

SOCwise Series: Practical Considerations on SUNBURST

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do. Although there’s been a lot of chatter about supply chain attacks, we’re going to ...

Security Operations

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Core to any organization is managing cyber risk with a security operations function, whether it be in-house or outsourced. McAfee has been, and continues to be, committed to protecting cyber assets. We are dedicated to empowering security operations, and with this dedication comes expertise and passion. Introducing SOCwise, a monthly series ...

Endpoint Security

When Less is More – MVISION EDR Leads Detection Efficiency & Alert Quality

If you are an incident responder, a SOC analyst or a threat hunter, you know how a well-designed EDR solution can augment your visibility, detection, and reaction capabilities. However, in many organizations, a single blue teamer, or as we like to call them, an “all around defender,” may wear all these hats. Even when all these roles are performed by the same person, ...

Security Operations

SOC vs MITRE APT29 evaluation – Racing with Cozy Bear

MITRE just released the results of the APT 29 evaluation of 21 commercial cybersecurity products today, including McAfee MVISION EDR. This evaluation, conducted in the form of a collaborative attack and defense exercise, is based on ATT&CK®, a freely available and open source knowledge base of adversary tactics and techniques ...

Endpoint Security

Response Required: Why Identifying Threats With Your EDR Isn’t Enough

The perpetrator was a master of disguise, outfitting himself as an employee to bypass the extensive preventive security controls and flee with the contents of the vault. Fortunately, the building was equipped with strong detection security measures, and the burglar—unaware of the location of a laser tripwire—soon set off a ...

Security Operations

McAfee Leads the Charge to Embrace and Expand the MITRE ATT&CK Framework

In October, I was privileged to attend the two-day MITRE ATT&CK™ conference, where participants and attendees voiced their support for the ATT&CK framework. The event, sponsored by McAfee, served as a forum for sharing insights and best practices for using ATT&CK as a way to describe and demystify the complexities ...