Presented by
Brian Coulson, Dan Kaiser, and Sally Vincent
[APAC] Threat Hunting with ATT&CK Technique "X"
About this talk
Threat hunting with MITRE ATT&CK techniques can be approached in several ways.
Join members of the LogRhythm Labs team as they take you on a journey of how to use MITRE ATT&CK techniques and LogRhythm to make your threat hunting activities more valuable and effective.
They will start the journey using the known techniques of MITRE ATT&CK Group APT 29, also known as the Russian threat actor group The Dukes or Cozy Bear. The team will describe the known Indicators of Compromise (IOCs) like file hashes, IP addresses, etc., and how IOCs play into MITRE ATT&CK technique searches, and dashboards. Finally, the team will dig into more unknown, or suspicious activity based on the techniques by focusing on encoded PowerShell.
You’ll Learn:
- Threat hunting made easy using MITRE ATT&CK techniques
- How to create custom LogRhythm dashboards and searches.
- Moving from known, to unknown, and back to known to increase your detection capabilities
More from this channel
Upcoming talks (2)
On-demand talks (256)
Subscribers (76929)
LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.
With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com