Sqrrl Threat Hunting

  • Q&A With Hunting Expert Eric Cole
    Dr. Eric Cole, SANS Fellow, Security Author/Teacher Recorded: Dec 21 2017 13 mins
    Join us for a Q&A session with SANS Fellow Dr. Eric Cole, as we explore current hunting trends and best practices from Dr. Cole's 20+ years of infosec experience. We'll be diving into topics like:

    - Network vs. host-based hunting
    - How to jump-start a hunting program
    - Current and future trends in threat hunting
  • The Role of Intelligence in Hunting: Spotlight Interview with Keith Gilbert
    Keith Gilbert, Threat Researcher and Security Technologist, Sqrrl Recorded: Nov 9 2017 13 mins
    Veteran threat researcher Keith Gilbert sits down for an interview on threat intelligence in hunting. Watch to learn about:

    - How to convert data into actionable threat intel
    - Best techniques for leveraging threat intel on a hunt
    - Tips and best practices from Keith's threat hunting career
  • Offensive Countermeasures: Threat Hunting Spotlight with Matthew Hosburgh
    Matthew Hosburgh, Cyber Threat Hunter, Radian Recorded: Sep 14 2017 23 mins
    Join us for a new spotlight interview with Matthew Hosburgh, threat hunter for Radian. We'll be talking about:

    - Offensive Countermeasures/Decoy Platforms: what they are, and how to use them
    - How to build a threat hunting program
    - Threat hunting vs. alert-based investigations
  • Hunter Spotlight with Samuel Alonso: Gaining Network Visibility
    Samuel Alonso, Senior Cybersecurity Analyst Recorded: Aug 10 2017 28 mins
    In this half-hour interview, Sqrrl sits down with experienced hunter Samuel Alonso for his best advice on threat hunting, focusing on:

    - Gaining network visibility (best tools, data sources, and more)
    - Samuel's experience as a threat hunter and lessons learned
    - Practical tips for both new and experienced hunters

    About the Threat Hunter:
    Samuel is a Senior Cybersecurity Analyst, formerly working at KPMG. He has extensive experience in threat hunting, information security practices, and business development,
  • Knowing and Pivoting Through Your Data (Hunter Spotlight)
    Chris Sanders, Founder, Applied Network Defense Recorded: Jul 19 2017 32 mins
    In this month's hunter spotlight, we sit down with Chris Sanders, a veteran hunter with over 10 years of experience, to discuss:
    - How to manage different data sources for hunting
    - Best pivoting practices and rules of thumb
    - How to convert findings into actionable intelligence
    - Techniques for reducing evidence abstraction
  • Threat Hunting: Past, Present, and Future
    Richard Bejtlich, Security Author, Brookings Fellow Recorded: Jul 11 2017 52 mins
    This panel reunites the original GE CIRT incident handlers to share their perspective on threat hunting's origins and current direction. Topics include:

    - Foundations, principles, and how to get started
    - Requirements, data sources, and visibility
    - Early technologies and approaches
    - Personnel development and mentoring
    - Challenges, especially at scale
  • Hunter Spotlight: Interview with Danny Akacki, Fortune 100 Hunter
    Danny Akacki, Threat Hunter, Fortune 100 Company Recorded: Jun 22 2017 33 mins
    Danny Akacki works on the Hunt Team for a Fortune 100 Finance Company. In this interview, Danny will share his experiences hunting and discuss:

    1. What makes a good hunter?
    2. What makes a good hunt program?
    3. How mature does an org need to be in order to benefit from a hunting program?
    4. Why should you avoid hunting before your org is ready?
    5. What's the difference between an investigation and a hunt?
  • Hunting From Network to Endpoint (Hunter Spotlight)
    Ryan Nolette, Hunter and security technologist at Sqrrl Recorded: May 25 2017 31 mins
    Ryan Nolette, Sqrrl's hunter and security technologist, will break down:
    • Determining what endpoints to investigate in a hunt
    • Pivoting from network to endpoint investigations
    • Essential tools and best practices for endpoint hunting

    About the hunter:
    Ryan is Sqrrl's primary security technologist and expert. He has previously held a variety of roles including threat research, incident response consulting, and every level of security operations. With over a decade in the infosec field, Ryan has been on the product and operations side of companies such as Carbon Black, Crossbeam Systems, SecureWorks and Fidelity. Ryan has been an active speaker and writer on threat hunting and endpoint security.
  • Conducive Environments for Successful Threat Hunting (Hunter Spotlight)
    Jason Smith, Security Operations Investigator Manager at Cisco Recorded: May 24 2017 32 mins
    Veteran threat hunter Jason Smith will detail:
    • How to structure your Security Operations Center (SOC) and network to help uncover hidden threats
    • Best practices to make hunting data accessible and fluid
    • Essential tools and tips from Jason's hunting experiences

    About the hunter:
    Jason Smith has a background in physics and has built everything from particle accelerators to explosive neutralizing robots used by the military. He has worked in multiple US Department of Defense SOCs and has worked with the largest security vendors to operationalize security in the world's largest organizations. Jason co-wrote Applied Network Security Monitoring and maintains the open source project FlowBAT, a graphical flow data analysis tool. Jason currently works remotely for Cisco from his home in Nashville, TN.
  • Leading and Building Threat Hunting Teams (Hunter Spotlight)
    Alan Orlikoski, Security Engineer at Square Inc. Recorded: May 23 2017 33 mins
    Our Hunter Spotlight series kicks off with Alan Orlikoski. From his 16+ years of security experience, Alan will share:
    • Organizational strategies that work for both hunters and SOC managers
    • How to create and sustain effective hunting teams
    • Best practices and tools in the field

    About the hunter:
    Alan Orlikoski is a Security Engineer and Incident Responder with over 17 years of experience. He analyzes and tests existing incident response plans, conducts forensic investigations and provides incident response and forensics training. Alan has an extensive computer forensics background and has been a leader in some of the largest incident response and security operations center development programs in the history of the respective companies.