@bhinfosecurity
Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game. blackhillsinfosec.com & poweredbybhis.com
John Strand (@strandjs.bsky.social) is live on Reddit, following up on his AMA from five years ago!
The industry has shifted a lot since then — let’s talk about it.
Drop your burning questions for John here:
www.reddit.com/r/cybersecur...
Join the BHIS team at the @antisyphontraining.bsky.social at the virtual SOC Summit on March 25th -- six-hours of expert-led discussion about all things SOC related. Limited to 5,000 attendees: www.antisyphontraining.com
Read and download The Infosec Survival Guide: ORANGE BOOK - Incident Response here -- www.blackhillsinfosec.com/prompt-zine/...
Order your FREE copy of The Infosec Survival Guide: ORANGE BOOK - Incident Response here - spearphish-general-store.myshopify.com/products/the...
Learn how Gerard Johansen uses the IR tool KAPE to extract & parse artifacts faster with more efficient analysis.
Download KAPE here -- www.kroll.com/en/services/...
$25 -- 4-Hour Workshop: Hacking AI-LLM Applications -- w/ Derek Banks and Brian Ferhman
Fri, Mar 6, 2026 12:00 PM EST
Register: www.antisyphontraining.com/product/work...
Join us on March 25th for a free, six-hour interactive SOC Summit featuring 11 expert speakers: www.antisyphontraining.com/event/soc-su...
No BHIS webcast this week but Antisyphon Training has got you covered!
Anti-Cast:
Anti-cast: Preparing IR for AI Incidents with @Gerard Johansen -- Is your Incident Response plan AI ready?
Wed, Mar 4, 2026 12:00 PM EST
Register: events.zoom.us/ev/AmfNZmZ2g...
Ashley K. joined us last week to talk about how to keep our information safe!
She walked through practical best practices for data loss prevention & protecting your most sensitive data.
Check out the full webcast and slide deck here -- www.youtube.com/live/5vj9e6B...
Tomorrow, we get the chance to learn from Ashley Knowles!
Here’s an excerpt from her intro to network pentesting webcast — a quick sneak peek at what you can expect.
Register for Data Loss Prevention Survival Guide w/ Ashley Knowles for FREE here: events.zoom.us/ev/AsU6DpkxS...
*NEW** BHIS | Blog
Malware analysis is a powerful skill for both blue and red teams, and getting started is easier than you think.
Malware Analysis: How to Analyze and Understand Malware
by: John Hammond
Published: 02/25/2026
Learn more: www.blackhillsinfosec.com/malware-anal...
Curious about a Patterson Cake session👇?
Improving Security Investigations, Using Excel Hacks - www.youtube.com/watch?v=FRz4...
Demystifying Windows Malware Investigations - www.youtube.com/watch?v=TsTB...
Business Email Compromise Detect, Respond, & Prevent - www.youtube.com/watch?v=NoIe...
FREE Orange Book: Incident Response below or at the link here - www.blackhillsinfosec.com/prompt-zine/...
Get a physical copy shipped to you for FREE - spearphish-general-store.myshopify.com/products/the...
If you’ve been around for a Patterson Cakes session, you already know… he always delivers!
Patterson breaks down what “actionable intelligence,” actually means in the real world.
Checkout this article from The Infosec Survival Guide: ORANGE BOOK!
Next week, Ashley Knowles is back with a brand-new webcast, where she’ll be diving into best practices for data loss prevention!
The anticipation is real — so while we wait, let’s take a look back at when she joined us to give an intro to network pen testing.
Watch: www.youtube.com/watch?v=DCDp...
The next free monthly one-hour training session with Active Countermeasures is on Threat Hunting C2: DNS TXT Record Abuse w/ Faan Rossouw!
Register: events.zoom.us/ev/Aqb16UU6s...
**NEW** BHIS | Blog
This OSINT primer breaks down best practices, essential tools, and tips to investigate responsibly
OSINT: How to Find, Use, and Control Open-Source Intelligence
by: Leonardo Núñez
Published: 02/18/2026
Learn more: www.blackhillsinfosec.com/osint-how-to...
In the United States?
Get a physical copy of the Orange Book: Incident Response shipped to you for FREE -- spearphish-general-store.myshopify.com/products/the...
You can also read the it online for FrEE here -- www.blackhillsinfosec.com/prompt-zine/...
Last week, we broke down how to tell whether an alert is hot or cold.
This week, we’re walking through what the first hour of a true positive alert actually looks like with Fletus Poston!
The next free ANTI-Cast is on Adapting to Active Directory Security Enhancements w/ Eric Kuehn Wed, Feb 18, 2026 12:00 PM EST
Register: events.zoom.us/ev/Ai-moePsb...
P.S. Join us on March 25th for a free, 6hr interactive SOC Summit w/ 11 expert speakers: www.antisyphontraining.com/event/soc-su...
Join us for this week's infosec-news stories with the Black Hills Infosec team live at 4:30pm ET on Mondays -- www.youtube.com/watch?v=xg_H...
Some alerts are way too hot. Others are ice cold. 🔥❄️
Our SOC SecOps lead, Hayden Covington, shows you how to find the Goldilocks zone—spending just the right amount of time on the alerts allowing you to quickly triage and move on!
The Future Is ****** #10 of 60 is only available in comic book shops on Wednesday, Feb 11. The LULZ continues! Get caught up on issues #1-7: spearphish-general-store.myshopify.com/collections/...
Kevin Klingbile joined @antisyphontraining.bsky.social for a fantastic webcast which you can watch here -- www.youtube.com/watch?v=TFtH...
We also had the honor of learning from Kevin when he joined us last year to talk about reconnaissance in Azure Cloud here -- www.youtube.com/live/w1DkzNi...
**NEW** BHIS | Blog
Go behind the scenes of a real-world incident that shows what SOC work actually looks like when it matters.
When the SOC Goes to Deadwood: A Night to Remember
by: Melissa Lauro
Published: 02/04/2026
Learn more: www.blackhillsinfosec.com/social-engin...
Coming up in the future:
Feb 23rd – 26th: Getting Started in Security with BHIS and MITRE ATT&CK with John Strand
www.antisyphontraining.com/product/gett...
SOC Summit: March 25th, 2026
Hey folks!
No BHIS webcast this week but @Antisyphon Training has got you covered!
Now, let’s take a look at what we have coming up this week.
Anti-Cast:
Feb. 4th: How to Strengthen M365 Exchange Online Configurations with Kevin Klingbile
www.antisyphontraining.com/event/anti-c...
Join us for this week's infosec-news stories with the Black Hills Infosec team live at 4:30pm ET on Mondays -- youtube.com/live/VEVupZd...
Chris Traynor joined us to introduce Cerno — a new free & open-source tool designed to bring order to pentest findings.
If you’re looking to simplify your pentest workflow, watch the full webcast here -- www.youtube.com/watch?v=aGmR...
Download -- github.com/ridgebackinf...
Chris Traynor just demoed a new tool designed to streamline your pentest workflowv👉 github.com/ridgebackinf...
While you explore, take a look back at when Chris joined us to break down practical pentesting tactics, techniques, and procedures to level up your assessments -- youtu.be/mtAcfEWOoJI
Want to learn a professional social engineering technique using Microsoft SSPR that can provide initial access without talking to the help desk?
Social Engineering & Microsoft SSPR: The Road to Pwnage is Paved with Good Intentions by John Malone
Read: www.blackhillsinfosec.com/social-engin...
