Endgame Threat Hunting Workshop Series

Enterprises are battling targeted attacks. These attacks are 100% successful because they are well planned and resourced, are human driven, and have a level of sophistication that bypasses existing tools. Most of these targeted attackers use advanced stealth techniques such as memory injection, fileless behaviors, living-off-the-land methods, and persistence within COM to hide in the network, making them difficult to find.

Hunt and IR teams are tasked with finding and eliminating these threats, often after the adversary is deeply entrenched in the network, leaving enterprises vulnerable to theft and disruption. Threat hunting is the proactive detection and elimination of threats without any prior knowledge or known indicators of compromise. The goal is to evict attackers from the enterprise network before any damage or loss occurs, and of course to do this when you have no indicator of compromise!

Join us for a hands-on workshop over heavy hors d'oeuvres and drinks as you network with fellow hunters and learn:

- The foundation of hunting: Why IOC-based and alert-based hunting is not enough

- Hunting on the cheap: SYSMON, Logs, Network data

- Hunting at scale: Prevention, In-memory hunt, persistence hunt

- Measuring Success: Hunt metrics for organizations to measure the value of their hunt program