Publications and Conferences
This is a non-exhaustive list of blogs, podcasts, articles, reviews, conferences hosted, and other publications I've created, co-created, or been involved in.
30 publications

(Re)building Threat Detection and Incident Response at LinkedIn
This blog discusses how LinkedIn rebuilt its security operations platform and teams, scaled to protect nearly 20,000 employees and more than 875 million members, and our approach and strategy to achieve this objective.

Crafting the Infosec Playbook
Co-authored this O'Reilly book on building an incident response program and creating the process, philosophy, and architecture for implementing an information security monitoring program. The book was also translated into Japanese.

Disk Image Deception
Cisco blog post highlighting our encounter with a malspam campaign that misused the .IMG file extension and lessons learned.

The Right Data at the Right Time
Presented at the SANS SIEM Summit on defining the right observability for security monitoring and how to apply the data collection principles to delivering security monitoring.

Cognitive Bias in Incident Response
Blog on pitfalls of overconfidence in cybersecurity incident response, highlighting the Dunning–Kruger effect and emphasizing robust methodology.

CSIRT Schiltron: Training, Techniques, and Talent
Presentation on enabling readiness and improving capabilities with evolving threat profiles and new skillsets for incident response teams.

How Computer Incident Response teams use CTI to keep up with the miscreants
Presentation at LACNIC 29 in Panama on applying cyber threat intelligence to incident response and detection engineering playbooks.

Incident Detection and Response
InterOp Japan presentation on building a world-class security team and demonstrating approaches with web filtering and intrusion detection.

Ad-Weary Or, "What Could Possibly Go Wrong?"
Presentation at Security B-Sides Asheville and LACNIC/LACNOG 26 on adware threats in enterprise networks and mitigation lessons.

FIRST Technical Colloquium Amsterdam
Annual FIRST Technical Colloquium in Amsterdam producing hundreds of talks on incident handling, threat intelligence, malware analysis, and more.

The State of Web Security: Attack and Response
Cisco Live presentations covering web-based attacks and protections through HTTP/S inspection and web-based logging and monitoring.

Cloud Security Observability for Detection and Response (Podcast)
Discussed enterprise-scale security observability for incident response and threat detection on the Google Cloud Security Podcast.

International Women in Engineering Day LinkedIn Live

Cisco Security Blogs by Jeff Bollinger

Cisco TAC Security Podcast: Web Security with Jeff Bollinger

ZDNet article: LinkedIn has massively cut time to detect threats

RSA: Crafting the Infosec Playbook Review

SIEM Books on Amazon (Solutions Review)

Interview: Confirmation bias in incident response (The Register)

ACM SIGCAS: Responsible Disclosure

Splunk: Book review of Crafting the Infosec Playbook

Cisco Cybersecurity Series: Threat Hunting (quoted)

Cisco IT Case Study: Web Security

Cisco Datacenter Case Study: Network IPS

Article on Jeff Bollinger from UNC SILS

O'Reilly Author Page for Jeff Bollinger

Crafting the Infosec Playbook on Awesome Incident Response

Ad Weary - BSides Asheville Information Security Conference

Breaking into Cybersecurity with Jeff Bollinger - Incident Response
