S3 Ep38: Testimonial from the Trenches cover art

S3 Ep38: Testimonial from the Trenches

S3 Ep38: Testimonial from the Trenches

Listen for free

View show details

About this listen

 Scott Poley and Tom Kostura are joined by Ben McGavin, Threat Hunting Team Lead at RSM Defense, and Justin Dolgos, Senior Threat Hunter at RSM Defense, for a conversation on what it takes to build and run a threat hunting program inside an MSSP.

They walk through how their team prioritizes hunts, manages detection logic across multi-tenant environments, and scales their approach through SoC collaboration and hypothesis-driven routines. Ben shares how the program was built from scratch, and Justin breaks down the lessons learned moving from alert triage into full-time threat hunting. They also cover tooling gaps, visibility challenges, and how custom detections have become a key success metric for their team.

This episode offers practical insight from two hunters operating at the heart of a fast-moving MSSP environment.

Watch this podcast on YouTube here: https://youtu.be/YQtmMomoUbU

----------

Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.