Name
PC5: Threat Hunting Workshop
Track
PreConference
Date
Tuesday, June 4, 2019
Time
8:00 AM - 4:00 PM
Description
Session Description:
Did you know you can use free, open-source, and off-the-shelf tools to find advanced attacker methodologies RIGHT NOW? With the right guidance, it really doesn’t take much. Join a real-life threat hunting practitioner who has built 24x7 hunting teams and established intuitive, sane, and very effective hunting methodologies that have led to routine sub-hour discoveries of nation-state attacks. This workshop will whittle down the craziness of the “threat hunting” market and help you understand what it really means as well as one battle tested way to do it well.
Things you’ll learn:
- how to not boil the ocean
- why catching attacker “hands-on-keyboard” activity is actually relatively easy
- tools you can deploy right now to help you hunt well
What this isn’t:
- a marketing pitch
- a theory that sounds cool but hasn’t been practiced
Ideal attendees:
- security analysts
- DFIR analysts
- intelligence analysts
- EDR analysts
- curious geeks
Required Equipment:
-Laptop (laptop with a Windows VM installed (Virtualbox is free) or the ability to install stuff on a Windows host)
Rental Laptops are available during registration.
Speakers
Speaker Bio(s)
Kris is the co-founder of Vector8, Inc. and has 15 years experience in leadership roles of security operations, incident response, digital forensics, signature development, indicator management, and tactical tool development within large enterprises. Kris has a passion for security orchestration, automation, and culture and applied related philosophies to lean-but-powerful security teams in the Air Force CERT, GE Aviation, CrowdStrike, and now Vector8.