Ismael Valenzuela
Senior InstructorVice President Threat Research & Intelligence at Arctic Wolf
Specialities
Cyber Defense, Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise
SEC530Cyber Defense
- GIAC Defensible Security Architecture (GDSA)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 24 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 12
Combating Supply Chain Attacks with Product Security Testing
Supply chain attacks go unnoticed on average for 235 days and do more damage as a result of us not having a deep understanding of the products being used on a network. Product security testing helps obtain a comprehensive understanding of how choosing to use a particular product in your organization can affect your threat model and risk posture.
WebinarCyber Defense
- 13 Sep 2023
- 11:00 UTC
- Douglas McKee & Ismael Valenzuela
- Slide 2 of 12
Cyber Solutions Fest 2023: Threat Hunting & Intelligence
What should organizations do in 2023 to take a more proactive stance, operationalize threat intelligence and focus on maturing their threat hunting program?Join Ismael Valenzuela, SANS author and Senior instructor for the 2023 Cyber Solutions Fest - Threat Hunting and Intelligence Track, and hear talks on:Enriching alerts with threat intelligenceUtilizing XDR and MDR services to help accelerate your threat-hunting programOperationalizing threat intelligenceAutomating threat hunting tasks with XDR, NDR, and threat intelligence solutionsIdentifying the most actionable intelligence for the organization
WebinarCyber Defense
- 27 Oct 2023
- 08:30 UTC
- Ismael Valenzuela
- Slide 3 of 12
Cyber Threat Intelligence Summit Solutions Track 2024
In an increasingly complex and dynamic cyber threat landscape, decision-makers are turning to actionable, contextualized threat intelligence to bolster cyber resilience and fulfill mission or business objectives. With the advent of advanced AI technologies, including Large Language Models (LLMs), the scope and effectiveness of Cyber Threat Intelligence (CTI) are being revolutionized.
WebinarCyber Defense
- 30 Jan 2024
- 09:20 UTC
- Ismael Valenzuela
- Slide 4 of 12
Do you trust your hardware appliances? Should you?
Recent news of vulnerabilities in hardware appliances firmware such as Ivanti and Fortinet highlight the difficulty of securing complex digital supply chains. Having an in-depth understanding of what you put on your network is vital to implementing a zero-trust approach and managing risk appropriately.
WebinarOffensive Operations
- 8 Mar 2024
- 10:00 UTC
- Douglas McKee & Ismael Valenzuela
- Slide 5 of 12
SANS Secure Your Fortress: Cutting-Edge Defense Techniques for 2024
Step into a world where cutting-edge defense meets practicality in cybersecurity! "SANS Secure Your Fortress" will teach you how to master the latest and most effective defense techniques. Whether you're a seasoned expert or just beginning your cyber journey, this event is for you.
WebinarCyber Defense- 1 Apr 2024
- 08:00 UTC
- John Hubbard, David Hoelzer, Matt Edmondson + 12 more
- Slide 6 of 12
2024 Government Security Forum
In today's hostile digital landscape, government agencies face a relentless barrage of cyber threats. Furthermore, agencies face a continuing stream of legislative, executive, and oversight recommendations, constantly keeping teams and technologies on their toes. This SANS Solutions Forum equips public sector cybersecurity teams with the essential knowledge to address these challenges and modern threats head-on.
WebinarCyber Defense- 25 Jul 2024
- 10:00 UTC
- Matt Bromiley, Branko Bokan, Melanie "Kyle" Gingrich + 3 more
- Slide 7 of 12
SANS Secure Your Fortress: 2024's Top Defense Strategies and Trends
Join us at the forefront of cybersecurity at "SANS Secure Your Fortress: 2024's Top Defense Strategies and Trends!"
WebinarCyber Defense- 9 Oct 2024
- 08:00 UTC
- John Hubbard, David Hoelzer, Mark Baggett + 9 more
- Slide 8 of 12
Fall Cyber Solutions Fest 2024: Zero Trust Track
Prepare for the Future of Cybersecurity with Zero Trust. In an era where cyber threats constantly evolve and the boundaries of organizations become increasingly porous, the principle of "Never Trust, Always Verify" has become more relevant than ever. The Fall Cyber Solutions Fest Zero Trust Track aims to bring together top industry vendors to shed light on the newest developments, technologies, and best practices.What to Expect:Emerging Technologies: Discover the latest tools and solutions that fortify security postures, enhancing the ability to identify, authenticate, and authorize access dynamically.Integration Strategies: Learn how modern Zero Trust platforms can be seamlessly integrated with existing infrastructures, ensuring that security doesn’t impede functionality.Case Studies: Leading vendors will present real-world scenarios where Zero Trust architectures have made a difference, providing a practical perspective on its benefits and challenges.Anticipating the next move: Delve into the future of Zero Trust, understanding where the industry is headed and how to prepare for the security challenges of tomorrow.Networking Opportunities: Engage in rich dialogues with peers, thought leaders, and vendors, creating an ecosystem for shared learning and collaboration.Whether you are an IT professional, cybersecurity enthusiast, or a decision-maker looking to fortify your organization’s security posture, the Zero Trust Solutions Forum 2024 will equip you with the knowledge and tools to navigate the dynamic landscape of cybersecurity. Join Ismael Valenzuela, author and lead instructor of SANS Security 530, as we explore what are the most successful strategies and opportunities for implementing Zero Trust in 2024.
WebinarCyber Defense- 8 Nov 2024
- 09:00 UTC
- Ismael Valenzuela
- Slide 9 of 12
Secure Your Fortress: Building Robust and Resilient Defenses for 2025
Join us for SANS Secure Your Fortress: Building Robust and Resilient Defenses for 2025, where cutting-edge techniques meet hands-on practicality. Designed for cybersecurity professionals at all levels, this event equips you with the tools, strategies, and insights needed to overcome today’s toughest challenges and prepare for tomorrow’s emerging threats.
WebinarCyber Defense
- 23 Apr 2025
- 09:00 UTC
- John Hubbard, David Hoelzer, Sean Thomas + 11 more
- Slide 10 of 12
2025 SANS Zero Trust Survey Webcast & Forum: Exploring Challenges, Opportunities, and Innovative Solutions for a Secure Digital Future
As digital transformation accelerates, Zero Trust has become crucial for defending against an increasingly complex threat landscape. The rise in ransomware, credential stealers, supply chain attacks, and disruptive incidents impacting availability in 2024 has underscored the need for resilient cybersecurity strategies that can withstand and adapt to evolving threats.
WebinarCyber Defense- 17 Sep 2025
- 10:30 UTC
- Ismael Valenzuela
- Slide 11 of 12
Hack & Defend Summit Solutions Track 2025
Moving red and blue teams out of their silos means building a continuous feedback loop that translates adversarial knowledge into actionable defensive countermeasures and real fixes. At the Solutions Summit for Hack & Defend 2025, we’ll present state of the art solutions that can help you to achieve this. Furthermore, with AI and automation everywhere, it’s easy to get buried in data. In this forum, we will show you solutions that can. help you speed up triage and investigations, while keeping human judgment in the loop.Key Points for 2025:Fast Turnaround: Move test findings into rules and controls without delayPurple-Team Drills: Run joint red/blue exercises to spot and close gapsAutomated Validation: Replay attacks and check defenses at scaleRisk-First Focus: Use simple threat models to target your highest-impact pathsAI with Purpose: Enrich alerts automatically, but keep analysts in controlJoin me, Ismael Valenzuela, author of SEC530, Defensible Security Architecture and Engineering and co-author of SEC568: Product Security Penetration Testing, and SANS senior instructor, as we turn offensive insights into stronger defenses at Hack & Defend 2025.
WebinarOffensive Operations
- 29 Oct 2025
- 10:00 UTC
- Ismael Valenzuela
- Slide 12 of 12
Fall Cyber Solutions Fest 2025: Threat Track
Moving from clicking alerts to actively hunting threats takes planning, the right data, and the right tools. In 2025, with AI and automation everywhere, it’s more important than ever to stay ahead of attackers, arming yourself with clear intelligence, full visibility, and smart processes to catch problems before they become crises.Attackers are now making effective use of AI too, creating fake identities, automated phishing, and constantly changing malware. Still, behind every tool is still a real person (or group) with goals. Organizations need to have a balance of automated analysis with human judgment so you can spot true threats in the noise.There’s no shortage of threat intelligence sources either: open source, commercial, vendor, and community. Yet many teams struggle to turn intelligence into real defense. In this track, you’ll learn to plug intelligence directly into your security tools, while equipping humans to do better analysis: enriching alerts instantly, mapping threats to the MITRE ATT&CK framework, and sharpening your hunting approach based on what adversaries actually do.Key Takeaways for 2025:Plan regular, data-driven hunt campaigns instead of one-off investigationsEmbed threat intelligence into SIEM, SOAR, XDR, and NDR workflowsUse AI to speed up indicator triage and add context fastCombine automated analytics with focused human-led huntsFocus on high-quality intelligence that fits your environmentWhat to Expect:Smart Alert Enrichment: Automatically add useful context to indicators without flooding your team.Next-Gen XDR & MDR: Learn how managed services and orchestration speed up hunts.Live CTI Demos: See real examples of turning raw threat feeds into detection rules.Automated Hunting Playbooks: Create repeatable tasks across XDR, NDR, and cloud logs.Actionable Intelligence Guides: Pick the best data sources and turn them into playbooks your team will use.Join Ismael Valenzuela, author and SANS senior instructor, as we explore the most successful strategies and opportunities for implementing these tactics in your organization.Full Fall Cyber Solutions Fest Track List:Emerging Technologies Track | Nov 4Cloud Identity and Access Management Track | Nov 5SOC Track | Nov 5Threat Track | Nov 6AI Track | Nov 6
WebinarCyber Defense- 6 Nov 2025
- 08:00 UTC
- Ismael Valenzuela