Continuous DFIR: The need for Threat hunting as a culture
The number of breaches / incidents are increasing year after year. The criticality of the breach seems to also grow every year. With state of the art NSMs and UBAs and mature SIEMs why are we failing. The answer lies in the lack of context. Single dimensional alerting, False positive alert fatigue and the lack of threat hunting. We are talking about living with assumption of breach and building threat hunting part of the SoC culture.
Speakers Bio: Co-Founder ElevatedPrompt. Over 15 Years experience in Information Security. Experience in Application design, Network Architecture and Security architecture. Worked with Crown Corporations across Provinces. Worked with Telcos, Energy Utility and Mining sectors in Canada