Threat Hunting is a core activity in SOCs. It involves not only reviewing alarms and triaging them but validating and coordinating threat mitigation efforts. To efficiently hunt for threats, it's crucial to have the right tools, procedures, and personnel.
In this session, Marcos Schejtman, LogRhythm principal sales engineer, and Luis Castaneda, LogRhythm enterprise sales manager, will use the LogRhythm platform to explore different threat hunting approaches and provide tips & tricks on how to best use them.
Attend this session and you’ll learn:
• How to use manual and automatic threat hunting processes
• Why historical correlation is key for the remediation process
• How to Integrate with external tools for automated malware analysis (such as Cuckoo)
• How Network Detection and SIEM can work together to help detect and hunt threats