Threat Hunting: This is Not a Drill

Thursday, August 30, 2018, 10:00am to 3:00pm at Hyatt Regency Denver Tech Center

#IANSDenver #IANSEvents

Your legacy defenses aren’t sufficient to secure your assets. Why? Because dedicated attackers are more nimble than global organizations. It is well within their skill set to bypass mainstream security defenses – frequently hiding in plain sight in commonly used protocols. Working under the assumption that a system is already compromised, threat hunting aggressively seeks out successful attackers in your organization.

Whereas pen testing asks “What’s my risk?”, Threat Hunting takes that question up a notch to ask “Am I already owned?”

If you’re looking for ways to build a threat hunting team capability this symposium is for you.

Led by security practitioner John Strand, this interactive 5-hour event is designed to give you practical threat hunting guidance. It combines presentation, discussion, and peer conversation in an environment that is both fast-paced and casual.

Topics Include:

  • What are the indicators of an advanced threat actor
  • The most common places successful attackers hide
  • Why automated tools are not sufficient to detect targeted attacks
  • Techniques for threat hunting
  • Skills a threat hunting team needs
  • How to build a hunt team exercise
  • New technologies such as behavioral analysis, data analytics, and pattern recognition
  • KPIs and metrics you can use to measure success


The objective is for participants to leave with a strategy for developing a threat hunting capability and culture – whether engaging a vendor, building a dedicated internal resource, or periodically standing up a threat hunting team. You’ll also leave with new and renewed peer contacts in your area. Our hope is that this Symposium’s value brings IANS to mind when participants face InfoSec opportunities and challenges in the future.


This Symposium is designed for CISOs, Operations leads, and any information security practitioner who wants state-of-the-art guidance from industry leaders.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

*This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.


John Strand

John Strand

IANS Faculty

Owner of Black Hills Information Security (BHIS)


Thursday, August 30, 2018

The environment is highly interactive and designed to encourage casual conversation and peer contribution. The session begins with introductions – who is in the room and what are they up to? John will then set the stage with a problem statement and a presentation that is practical, thought provoking, and entertaining.