EPISODE · Jun 16, 2026 · 34 MIN
Episode 4: How Analysts Think During an Investigation
from Signals & Stories · host The Vertex Project
In this episode of Signals & Stories, host Kali Fencl sits down with Vertex Project analysts Ryann "Reign" Hallback, Jen "The Silence" Kolde, and Mary Beth "Savage" Lee to explore the investigative mindset behind threat intelligence work.The conversation goes beyond indicators and malware to examine how experienced analysts approach uncertainty, evaluate evidence, and determine whether a lead is worth pursuing. The team discusses the importance of context, how to separate signal from noise, why confidence should be backed by evidence, and the cognitive biases that can derail an investigation.They also share lessons learned from years of intelligence work, including common mistakes analysts make, the challenges of proving attribution, the role of malware in investigations, and why skepticism is one of the most valuable skills an analyst can develop.Whether you're a seasoned intelligence professional or just starting your cybersecurity journey, this episode offers a candid look at the thought processes that drive effective investigations.In this episode:Where investigations really beginHow analysts decide what is worth pursuingThe difference between signal and noiseWhy context matters more than a single indicatorThe risks of over-relying on malware familiesCommon mistakes analysts makeHow Synapse helps analysts connect disparate data sourcesThe importance of showing your work and validating conclusionshttps://vertex.link/10-year-anniversary#CyberSecurity #ThreatIntelligence #CTI #CyberThreatIntel #APT1 #InformationSecurity #ThreatAnalysis #CyberPodcast #TheVertexProjectJoin our community:SlackLinkedInTwitter/XBluesky
What this episode covers
In this episode of Signals & Stories, host Kali Fencl sits down with Vertex Project analysts Ryann "Reign" Hallback, Jen "The Silence" Kolde, and Mary Beth "Savage" Lee to explore the investigative mindset behind threat intelligence work.The conversation goes beyond indicators and malware to examine how experienced analysts approach uncertainty, evaluate evidence, and determine whether a lead is worth pursuing. The team discusses the importance of context, how to separate signal from noise, why confidence should be backed by evidence, and the cognitive biases that can derail an investigation.They also share lessons learned from years of intelligence work, including common mistakes analysts make, the challenges of proving attribution, the role of malware in investigations, and why skepticism is one of the most valuable skills an analyst can develop.Whether you're a seasoned intelligence professional or just starting your cybersecurity journey, this episode offers a candid look at the thought processes that drive effective investigations.In this episode:Where investigations really beginHow analysts decide what is worth pursuingThe difference between signal and noiseWhy context matters more than a single indicatorThe risks of over-relying on malware familiesCommon mistakes analysts makeHow Synapse helps analysts connect disparate data sourcesThe importance of showing your work and validating conclusionshttps://vertex.link/10-year-anniversary#CyberSecurity #ThreatIntelligence #CTI #CyberThreatIntel #APT1 #InformationSecurity #ThreatAnalysis #CyberPodcast #TheVertexProjectJoin our community:SlackLinkedInTwitter/XBluesky
NOW PLAYING
Episode 4: How Analysts Think During an Investigation
No transcript for this episode yet
Similar Episodes
Apr 21, 2026 ·13m
Apr 19, 2026 ·16m
Apr 17, 2026 ·13m
Apr 13, 2026 ·11m
Apr 11, 2026 ·16m