While the term “threat hunting” has become increasingly popular in recent years, it’s actually something that many mature teams were practicing in some form or another. The basic proposition of threat hunting is to use the IT stack to produce actionable information. The questions then become: how do I do that, and where do I get started?
In this webcast, Jeffrey Gardner, Practice Advisor for Detection and Response at Rapid7, will give an overview of threat hunting methodology and the difference between attack-based hunting and data-based hunting. From there he will provide some examples of different threat hunts he has used successfully throughout his career and will explain how to quickly stand up a threat hunting program within your organization. Lastly, he’ll detail the role of IOCs and the dependencies necessary to utilize them effectively.
Tune in and walk away with an understanding of:
- How to lay the foundation for success with threat hunting (hint: discipline!)
- How to quickly stand up a threat hunting program within your organization
- How to utilize the treasure trove of resources provided to up-level your threat hunting game