Threat Hunting on Steroids: Time to dig deeper

Live Broadcast

Earn up to 6.5 CPE credits by attending this virtual event.

Staying proactive in the fight against cybercriminal activity requires constant vigilance, and also a commitment to continually improve your threat hunting methodologies. A quick scouring of your environment won’t do. You need to look harder, probe further. You must map out the nooks and crannies of your attack surface, stay abreast of the latest threat intel developments, and monitor for suspicious activity that deviates from business norms. 

This eSummit will suggest ways you can optimize your threat hunting resources so you’re not just scratching the surface, but actually digging deep into your ecosystem to root out threats. Topics include: 

• The latest exclusive research on threat hunting from the CyberRisk Alliance 

• How to reduce dwell time by finding, prioritizing and reacting to anomalies more quickly

• Advancements in machine learning, AI and analysis that will empower threat hunters 

• Assessing your hunt: How to quickly separate the true threats from false positives 

Tuesday, February 21st

OPENING KEYNOTE | Threat modeling: Keeping pace with increasing cloud risks

Jon-Michael C. Brook: Principal Security Architect, Starbucks

According to the Cloud Security Alliance, the rapid rate of cloud adoption – and the security risks commensurate with this trend – is outpacing the adoption of cloud threat modeling practices. This session will detail what cloud-reliant organizations need to do to shape up and bring their threat modeling processes up to speed with their current reality. Moreover, the session will address how to determine which cloud threat modeling framework and methodology (asset-centric vs. attacker-centric vs. software-centric, etc.) works best for your organization.

Threat hunting for effective cybersecurity
Derrek Smith: CTI Specialist, Cybersixgill

The Deep and Dark Web poses unprecedented challenges for organizations when it comes to battling cyber threats. This is where criminals plan their attacks and provide the tools and techniques needed to carry them out. Within this complex cyber threat battleground, companies cannot afford to continue relying on passive, reactive defense, and instead must leverage the tools and methodologies to facilitate a truly proactive and preemptive cyber defense program.

This session will discuss and demonstrate threat hunting – the best practices for organizations to seek out the highest-priority potential cyber threats and the necessary steps to strengthen their overall cyber resilience. Attendees will go away knowing how to find and prevent threats before they become attacks.

Throughout this presentation attendees will learn and understand:
• How to effectively prepare for and plan the threat hunt, with detailed explanations of the tools and information needed.
• How to set priorities and build a threat hunting road map.
• The five steps involved in a threat hunt and how to perform them effectively.
• Insights necessary to make the most of the information gathered through threat hunting.

CLOSING KEYNOTE | Reducing dwell time: Making every minute count

Jonathan Kazar: Senior Associate Cyber Threat Intelligence, New York Life Insurance Company

Dwell time – often measured by the metrics mean time to detect (MTTD) and mean time to repair/remediate (MTTR) – is one of the most significant indicators of whether your proactive threat hunting practices are effectively rooting out threat actors that are hiding in your network. This session will offer recommendations for how to reduce dwell time by sharpening your threat hunting skills and making sure that you are prepared to take proper and decisive action when your hunt turns up a legitimate threat.

Wednesday, February 22nd

OPENING KEYNOTE | Is your managed security service equipped to hunt APTs?
Alexia Crumpton: Lead Cybersecurity Engineer, MITRE

Lex Crumpton: Lead Cybersecurity Engineer, MITRE

In late 2022, the MITRE Engenuity foundation revealed the findings from its first-ever ATT&CK Evaluations for managed security service providers. The report measured various MSSPs’ ability to recognize, analyze and report the TTPs of the OilRig Advanced Persistent Threat group. This session will dig into the findings to help MSSP customers and prospective clients determine what they should be looking for when ascertaining whether a particular managed security services provider is the right fit when it comes to proactively hunting threats posed by sophisticated cyber adversaries.

Deception best practices: Flipping the script on your attackers
Ondrej Nekovar: CISO & Chief Deception Officer, State Treasury – Center of Shared Services, Ministry of Finance, Czech Republic
Timothy Rohrbaugh: Virtual CISO & Security Advisor

Among the more active defense strategies that threat hunters can employ is deception – the use of decoys, honeypots and other “shiny objects” meant to lure network intruders into a trap and trick them into exposing their malicious activity prematurely. In a sense, it borrows the principles of judo – using your attackers’ aggressiveness against them. This session will look at recent successes and innovations in the use of deception technology, including concepts such as building deception at the edge, and using deception to root out sophisticated APT threats.

Please check back for updates to this agenda.