Threat Hunting: Attack vs. Data: What You Need to Know About Threat Hunting

Logo
Presented by

Jeffrey Gardner

About this talk

While the term “threat hunting” has become increasingly popular in recent years it’s actually a practice that many mature teams were practicing in some form of another. The basic proposition of threat hunting is to use the IT stack in order to produce actionable information. The questions then become how do I do that and where do I get started? In this webcast, Practice Advisor for Detection and Response, Jeffrey Gardner, Rapid7, will give an overview of threat hunting methodology and the difference between attack based hunting and data based hunting. From there he will provide some examples of different threat hunts he has used successfully throughout his career and will explain how to quickly stand up a threat hunting program within your organization. Lastly, he’ll detail the role of IOC’s and the dependencies necessary to utilize them effectively. Tune in and walk away with an understanding of: -How to lay the foundation for success with threat hunting (hint: discipline!) -How to quickly stand up a threat hunting program within your organization -How to utilize the treasure trove of resources provided to up-level your threat hunting game -And more!
Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (654)
Subscribers (56583)
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.