Threat Hunting Academy

  • Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search
    Brenden Bishop, Data Scientist, the Columbus Collaboratory Recorded: Mar 13 2019 44 mins
    Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.
  • Distinguish Signal from Noise: Find Threats in Your Security Sensor Data
    Slava Nikitin, Data Scientist, The Columbus Collaboratory Recorded: Feb 27 2019 45 mins
    Join us for this webinar that will recommend how to handle your “big data” problem when dealing with the massive volume of raw, unprocessed data points from your network security sensors. Hint: don’t start with the data and attempt to drill down to the problem. Instead, as Slava Nikitin, Data Scientist from the Columbus Collaboratory, will explain, you must start by defining the problem, building a threat model, and then focusing on the corresponding signals in your sensor data. We will walk through the use case for an Active Directory password spraying attack to demonstrate how to define and apply appropriate filters to your security data for faster detection, more accurate threat scoring and more effective security overall.
  • Threat Hunting: A Live Demonstration
    David Morris, Andrew Johnston, Mark Rasch Recorded: Jan 24 2019 77 mins
    This session will feature a live demonstration of Threat Hunting by a former Federal law enforcement cyber threat hunter. In this session, you will see what a Threat Hunter actually does and how it is done.
  • Beyond the Marriott Breach - What to Expect in 2019
    Speakers: Nir Gaist, CTO/Founder and Robert Zamani, Director of Solutions Architect. Moderator: Rene Kolga, Product Recorded: Dec 19 2018 64 mins
    What will 2019 bring for the security landscape? How many Marriott-like breaches should you expect? What new types of attacks are you likely to see, and what can you do now to prepare for them? Nyotron’s team of security experts will have the answers for you during our December 19th live webinar.

    Making informed predictions first requires thinking back on 2018 with a critical eye. We will review a few of the most significant vulnerabilities and data breaches that made national headlines, from the City of Atlanta to Meltdown and Spectre, to the Marriott debacle and why the healthcare industry appears unable to defend itself. Our panel will also discuss the issues and trends they expect will dominate 2019, including adversarial artificial intelligence (AI) and destructive attacks on ICS.

    We will wrap up with ideas on how you can make an effective case for additional security budget and how to educate yourself about the changing threat landscape (and to get those CPEs before the year’s end).
  • Gaining the Upper Hand on Network Vulnerabilities
    Nathan Vega, VP Product, Columbus Collaboratory Recorded: Nov 8 2018 60 mins
    Join security experts from Columbus Collaboratory to learn how to elevate your network’s cybersecurity defenses by identifying and remediating the most critical vulnerabilities. We will discuss best practices for vulnerability scanning, managing the seemingly overwhelming volume of scan data, data visualization techniques, and how combining vulnerability data, threat data and asset classification is critical to prioritizing your remediation efforts when resources are scarce and time is of the essence.
  • Crypto-Jacking, Ransomware & Worming Malware's Frightening Future
    Jay Beale, Co-founder, COO & CTO, InGuardians Recorded: Oct 25 2018 47 mins
    Crypto-mining malware and crypto-jacking have taken center stage in cybercrime news. We’ll discuss the most recent events and see how this links to ransomware, which dominated the cybercrime news last year, where one outbreak cost seven companies over one billion dollars.

    Both crypto-mining malware and ransomware, aside from gathering headlines, demonstrate that cybercriminals and nation state actors are building capabilities for worming malware that could have the ability to do far greater damage than has yet been seen.

    Come to this talk, learn what’s been going on, where it’s likely going, and how to avoid being a victim of a headline-generating event.

    About the Speaker:
    Jay Beale created two tools used by hundreds of thousands of individuals, companies and governments, Bastille Linux and the Center for Internet Security’s first Linux/UNIX scoring tool. He has led training classes on Linux security at the Black Hat, CanSecWest, RSA, and IDG conferences, as well as in private corporate training, since 2000. As an author, series editor and speaker, Jay has contributed to nine books and two columns and given more than one hundred public talks. He led the development of the Linux security standard for the Center for Internet Security, served on the board of Mitre’s OVAL project, and serves as a member on the O’Reilly Security Conference’s program committee.

    He is a co-founder, COO and CTO of the information security consulting company InGuardians, a leading information security consultancy with offices in Seattle, Boston, Chicago, Dallas, Atlanta and Washington, DC.
  • Threat Hunting - An In-depth Explanation
    Juanita Koilpillai, Mark Rasch, Andrew Johnston and David Morris Recorded: Jul 23 2018 61 mins
    Threat Hunting is a complicated and often misunderstood cybersecurity activity that, if properly used, can add tremendous value to your cybersecurity posture.

    In this session you will learn:
    What is Threat Hunting?
    When do I use it?
    What will it tell me?
    How do I use it?
    What are the legal implications?

    Learn from the following leading experts:
    Juanita Koilpillai: Chief Technology Advisor, Digital Risk Management Institute
    Mark Rasch: Chief Legal Counsel, Digital Risk Management Institute
    Andrew Johnston: Associate Consultant, Mandiant
  • Breach Detection and Response Handbook
    Alex Holden, CISO of Hold Security Recorded: Jun 6 2018 61 mins
    With GDPR at our doorstep, getting breached not only carries losses due to hackers but also the potential of penalties from regulators and government. What is the best advice on how to deal with breaches, besides not getting breached? Let’s discuss the basics to show a measured standard for detecting malicious events, classifying them, and responding with utmost efficiency.
  • CPE Webinar - Cyber Strong: Preparing the Nation’s Cyber Workforce
    Nancy Limauro, Deputy Branch Chief & Noel Kyle, Program Lead, Cybersecurity Education & Awareness Branch at DHS Recorded: May 18 2018 58 mins
    The Nation has an ever-growing need for cybersecurity professionals who can protect our networks and infrastructure from increasing cyber threats and attacks. According to a study by the Center for Cyber Safety and Education, there will be a shortage of 1.8 million information security workers by 2022. Building a skilled and agile cybersecurity workforce to fill these positions is a national challenge.

    To address the shortage of skilled workers, it is critical for all communities to work together to coordinate cybersecurity awareness, education, training, and workforce development efforts. Current initiatives across the Federal Government help advance the cybersecurity workforce, particularly through training and professional development. The Department of Homeland Security (DHS) is leading such efforts through its Cybersecurity Education and Awareness (CE&A) Branch.

    We will also share information about our Stop. Think. Connect.™ campaign to help promote safe online behavior. Stop. Think. Connect.™ resources provide partnership opportunities to academic institutions, government agencies/departments, as well as non-profit organizations.

    Join this webinar to learn:
    1. How to find CE&A awareness, education, and workforce development resources
    2. How to use National Cybersecurity Workforce Framework (NCWF) tools
    3. How to partner with our Stop. Think. Connect.™ Campaign

    This webinar is part of ISSA's Security Education and Awareness Special Interest Group Webinar Series.

    - Nancy Limauro, DHS, Deputy Branch Chief, Cybersecurity Education & Awareness Branch
    - Noel Kyle, DHS, Program Lead, Cybersecurity Education & Awareness Branch

    This webinar qualifies for CPE credits. Please fill out the survey via the attached link to claim your credit.
  • Moving to an Active Defense - how far can you go?
    Andy Robinson, Mark Rasch, Dave Morris Recorded: May 9 2018 75 mins
    This session will delve into the concept of Active Defense in Depth: what it is and what its implications are, legally, operationally, tactically and strategically.

    Join the following presenters:

    Andy Robinson: Principal at TIBAT, Board of Directors at George Washington University, Center for Cyber and Homeland Security, Research Advisory Board at George Washington University
    Mark Rasch: Chief Legal and Compliance Partner at DRM Institute, former Chief Security Evangelist at Verizon, former Lead Prosecutor at U.S. DOJ. Cyber Crime Unit.
