CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ

Threat Hunting: Becoming the Predator and No Longer the Prey

Track 3
4 Feb 2022 4:30 PM - 5:30 PM

Threat Hunting may be one of the more glamorized components of modern security operations today. Every week we read of how modern security controls are being evaded and bypassed. We know that a more proactive approach to detecting Evil is needed. Still, Threat Hunting is much more complicated than reviewing the SIEM-enriched, neatly packaged alerts that our security controls have decided are worth our attention. It can often be challenging to know where to start, obtain a high ROI, and measure and communicate value or progress with Threat Hunting.

In this talk, we are going to explore how to do just that.

It is not expensive tools or highly situational graphical user interfaces that are needed. What we need is a repeatable, scalable, and measurable process that will give the effort vision and direction at the beginning and the ability to validate maturation as we advance in the discipline. While paid products can help, there are more than enough open-source resources to develop a Threat Hunting operation that can reliably detect some of the techniques used by the advanced adversaries of our day.

Christian Taillon
Threat Response Engineer, GCE
@christian_tail
https://christiantaillon.medium.com/

Christian contributes to Grand Canyon Education's IT Security team as a Threat Response Engineer. His efforts focus primarily on improving the Security team's operational tools and capabilities to efficiently detect and effectively respond to threats. This is done primarily through work relating to SIEM, EDR, NTA, and an evolving Threat Intelligence program.

He enjoys contributing to the larger community via various Threat Intelligence Content Development efforts and open-source projects. He leads Threat Exchanges as a Global Watch Center Handler for ACTRA, where he teaches for their Academy. He works as a Solutions Architect for the Cyber Resiliency Institute and contributes to SPORTS-ISAO as a member of the COTH team. When away from the keyboard, he enjoys camping, kayaking, and hiking with his wife.