Martin G. Nystrom

Live online courses, books, and videos on O’Reilly


Martin G. Nystrom is Product Director for Cisco's Security Business. Martin was a founding member of Cisco's CSIRT, developed Cisco's incident response and monitoring programs, big data platforms, and handbooks, developing Cisco's global SOCs. From that experience, Martin started Cisco's managed detection and response (MDR) business, implementing advanced threat monitoring for customers in healthcare, finance, manufacturing, and public sector. Martin built and operated SOCs in the US, APAC, and EMEAR, providing 24x7 expert monitoring and investigation to detect and contain advanced cyber security threats on customer networks. As part of his role, Martin provided guidance for incident response and security initiative to executive customers. Martin built his security career by providing security architecture guidance for enterprise projects. Once he saw that the real fun was in discovering, hunting, and responding to cyber breaches, Martin became one of the founding members of Cisco CSIRT, leading and developing the team toward global SOC coverage and advanced tooling as a premiere CERT. He received a bachelor's degree from Iowa State University, a master's degree from NC State University, and maintains a CISSP certification since 2004. He is the author of O'Reilly's SQL Injection Defenses, and co-author of Security Monitoring. He is a frequent conference speaker, and was honored on the Java One Rock Star Wall of Fame. He enjoys speaking at FIRST and Cisco Live (formerly Cisco Networkers) conferences. Most of Martin's papers and presos can be found on his web site at