How to Succeed at Threat Hunting & IR: Think Differently About Data

  • Date 05 Jun 2019

05 Jun 2019, 12:00 - 12:25

Technology Showcase
Language: English

Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas, if you can trust the data. This session will explain how attackers can hide and misuse logs, agents, and standard security tools, and demonstrate effective approaches for countering their actions using network traffic analysis, passive monitoring, and real-time forensic data.

Learning Outcomes:

  1. Understanding of current attack practices including abuse of legitimate traffic and encryption
  2. Ways hunters can remain hidden from attackers to avoid the attackers' counter-IR maneuvers
  3. Ideas for making analysts faster and more effective at validating, investigating, and responding to threats
  4. Options for empowering cross-training and on-the-job training to increase analyst skills
  5. Clarity on how to gain visibility into cloud and encrypted traffic

 

Contributors

  • Jamie Moles

    Speaker

    Senior Security Engineer

    ExtraHop

    Jamie has worked in the computer industry for over 30 years, focused primarily on security and infrastructure technologies. In the early 1990s Jamie...

Business Issues covered

  1. What will this session help you to do?
    • Balance, manage and prioritise risk
    • Mitigate the effects of new vulnerabilities and exploits

Sponsors

ExtraHop
