Threat Hunting: This is Not a Drill

Wednesday, February 28, 2018, 10:00am to 3:00pm at Bank of America

Your legacy defenses aren’t sufficient to secure your assets. Why? Because dedicated attackers are more nimble than global organizations. It is well within their skill set to bypass mainstream security defenses – frequently hiding in plain sight in commonly used protocols. Working under the assumption that a system is already compromised, threat hunting aggressively seeks out successful attackers in your organization.

Whereas pen testing asks “What’s my risk?”, Threat Hunting takes that question up a notch to ask “Am I already owned?”

If you’re looking for ways to build a threat hunting team capability this symposium is for you.

Led by security practitioner Joff Thyer, this interactive 5-hour event is designed to give you practical threat hunting guidance. It combines presentation, discussion, and peer conversation in an environment that is both fast-paced and casual.

Topics Include:

  • What are the indicators of an advanced threat actor
  • The most common places successful attackers hide
  • Why automated tools are not sufficient to detect targeted attacks
  • Techniques for threat hunting
  • Skills a threat hunting team needs
  • How to build a hunt team exercise
  • New technologies such as behavioral analysis, data analytics, and pattern recognition
  • KPIs and metrics you can use to measure success

Objective

The objective is for participants to leave with a strategy for developing a threat hunting capability and culture – whether engaging a vendor, building a dedicated internal resource, or periodically standing up a threat hunting team. You’ll also leave with new and renewed peer contacts in your area. Our hope is that this Symposium’s value brings IANS to mind when participants face InfoSec opportunities and challenges in the future.

Audience

This Symposium is designed for CISOs, Operations leads, and any information security practitioner who wants state-of-the-art guidance from industry leaders.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.



Speaker

Joff Thyer

Joff Thyer

IANS Faculty

Researcher and Penetration Tester of Black Hills Information Security (BHIS)


Agenda

Wednesday, February 28, 2018

The environment is highly interactive and designed to encourage casual conversation and peer contribution. The session begins with introductions – who is in the room and what are they up to? Joff will then set the stage with a problem statement and a presentation that is practical, thought provoking, and entertaining.