Testing Visibility to Develop an Innovative Threat Hunting Program

Presented by

Joe Moles, VP, Customer Sec Ops & Adam Mathis, Security Practitioner @ Red Canary; Jimmy Astle, Threat Researcher @ Carbon Black

About this talk

Do you have the visibility you need to hunt for adversary techniques? Increasing the quality and quantity of data analysis requires a robust set of tools, techniques, and practices. Learn how to use the MITRE ATT&CK™ framework, CB Response, and Atomic Red Team to hunt for adversary techniques and build functional tests to understand visibility.

This hands-on technical session will demonstrate how to:
- Hunt for frequently used ATT&CK techniques with CB Response
- Measure and improve visibility with Atomic Red Team tests
- Turn new intelligence into hunting criteria
- Investigate data that can support a judgment call on whether activity is malicious or benign

VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. Carbon Black combines unfiltered data collection, predictive analytics, and cloud-based delivery to provide superior endpoint protection that puts defenders back in control.