2019 Virtual Symposium
New Threat Hunting Techniques


Thursday, December 12, 2019 | 10:00 AM - 11:00 AM
Web Conference, Virtual, US & Canada

Thursday, December 12, 2019 | 9:00 AM - 10:30 AM PT
Web Conference, US & Canada

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. Security teams have plenty of data but don’t know what specific data types they need and what to do with what they have. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques in that area, including:

  • How to position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities
  • How to detect abnormal patterns of behavior
  • Helping security teams use the process of asset inventory to paint a more accurate threat picture
  • How to optimize Gigamon for better network visibility and traffic monitoring
  • How to optimize System Monitor (Sysmon) to better track and log activity across a company’s Windows environment


A 30-minute overview of the core threat hunting fundamentals, including:
  • Asset inventory
  • Optimizing Gigamon and Sysmon for more effective network visibility and monitoring
  • Package capture techniques
  • Event log analysis

A 30-minute plan of action security professionals can take back to their teams, broken into the following:
  • Preparations/Flight training
  • What to do when flying the plane
  • Which controls do what, from the free tools to those sold commercially
  • Operationalizing tools and techniques so threat hunting becomes continuous instead of ad-hoc
  • Operationalizing to scale


This event is for IANS clients and invited guests - there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

Register Now

* Required Fields
*Receive 1 CPE credit for every hour of attendance at our events.

2019 Virtual Symposium Facilitators


John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Achievements & Noteworthy Contributions
  • Co-author of Offensive Countermeasures: The Art of Active Defense (2013)
  • Contributor to the Penetration Testing Execution Standard (PTES)
  • Contributor to the 20 Critical Controls frameworks
  • Former co-host of Hack Naked TV and Security Weekly podcasts
  • Presenter at information security conferences such as RSA and Black Hat
  • Author of Black Hat’s "Active Defense, Offensive Countermeasures, and Hacking Back" course
  • Author of SANS Institute’s "Hacker Tools, Techniques, Exploits and Incident Handling" course
  • Former Information Assurance lead at Northrop Grumman and Accenture Certifications & Credentials


Web Conference

Registrants will receive a logistics email with web conference meeting information one day prior to the event.

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact


Check out IANS other upcoming events