Date: March 7, 2023
Time: 9 AM CST/10 AM EST/ 7 AM PST / 8:30 PM IST
Topic: Introducing Novel Technologies for Effective Threat Hunting
Abstract: Threat hunting is the proactive search for indicators of compromise (IOCs) and malicious activity on a network. It is a critical component of an organization’s cybersecurity strategy, as it helps to identify and mitigate threats that may have bypassed traditional security controls. With the rapid evolution of technology, new tools and techniques are constantly emerging to aid in threat hunting. A threat-hunting team at a large organization delves into the critical
elements of an effective threat-hunting program. In this webinar, discover the importance of having the proper tools and processes to query security data, understand and orchestrate the threat-hunting use case lifecycle, and track and escalate findings. Learn about the generic behaviors adversaries must perform in any attack or breach and how to identify such behaviors using standard security data.
- the importance of having the right tooling for querying security data
- understanding and orchestrating the threat hunting use case lifecycle
- identifying generic behaviors adversaries must perform in practically any attack or breach
- using EDR and SIEMs to detect these behaviors
- best practices for tracking and escalating findings
Michael Scutt, Head of Advanced Threat Detection | BlueVoyant
Bio: Mike Scutt leads detection engineering and threat hunting services at BlueVoyant, assisting clients in uncovering advanced adversaries, cutting-edge malware, and attacker infrastructure. With a lengthy background in responding to breaches by nation-state threat actors and hundreds of incident response engagements, Mike applies threat intelligence, forensics, and malware analysis techniques to trace attackers. In his role at BlueVoyant, Mike oversees the creation of analytics to identify malicious activity commonly unseen by traditional security tooling and implementation of threat intelligence for Managed Services clients.
Reagan Short, Security Operations Technical Director | BlueVoyant
Bio: Reagan Short has over 15 years of experience in technology operations, applying cybersecurity principles in several roles, including as a systems administrator, senior SOC analyst, technical advisor, and technical director. As SOC Technical Director at BlueVoyant, Reagan is responsible for enhancing security operations within the Managed Security Services division through various mechanisms, including detection content engineering, process automation, contextual enrichment, SOP optimization, case management, data analysis, and dashboard development. Reagan holds a BA in Psychology and Philosophy, an MS in Cybersecurity, an MS in Technology Commercialization, and a PGP in Artificial Intelligence and Machine Learning from reputed institutions.
Ian Harte, Threat Hunter, | BlueVoyant
Bio: Ian is a seasoned threat hunter with expertise in real-time threat detection. He specializes in reverse engineering malware and has a passion for finding new solutions in this field. Ian has a focus on MacOS and Linux malware and is committed to improving his skills and sharing his knowledge through open-source security solutions.
With prior experience as a Cavalry Scout in the military, Ian brings discipline and leadership to his professional and personal life. He led soldiers in high-stress combat situations in Iraq and Afghanistan, and these experiences have influenced his approach to threat hunting.
*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)