How to Build a Threat Hunting Program

Presented by

Mark Thomas, Sr. Cyber Security Analyst and Threat Hunter, and Sandeep Bachhas, Sr. Cyber Threat Hunter

About this talk

When many companies think about network security, they usually think of firewalls, anti-virus software, intrusion detection systems, and multi-factor authentication (MFA). Once these preventative measures are in place, companies often centralize their monitoring and response processes by standing up a security operations center (SOC) that responds to alerts, including an incident response (IR) team tasked with mitigating and remediating any detected threats.

As a security organization matures, it can begin to invest resources in more sophisticated proactive security practices, such as threat hunting. Threat hunting defends the enterprise from malicious activity that might have evaded existing security defenses. The primary goal of a threat hunting program is to decrease the gap between an initial compromise and the discovery of an attack, something that’s called “dwell time.” More specifically, threat hunts can also help find previously undetected issues. All of this helps us “level up” our overall security posture and processes to adapt better to ever-evolving threats.

In this webcast, Mark Thomas, Sr. Cyber Security Analyst & Threat Hunter, and Sandeep Bachhas, Sr. Cyber Threat Hunter, will talk about the program we’ve built here at Adobe and offer their own insights and suggested best practices to help you begin to think about and develop your own program. You will come away from this webcast with a better understanding of the value of investing in a threat-hunting program and how it can help your organization improve the agility of its own security defenses.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and the latest research. Learn more at Join the Cloud Security Alliance on LinkedIn and follow us on Twitter: @cloudsa