Building An Enterprise Threat Hunting Program
We all understand the importance that an incident response (IR) program brings to defending the enterprise, but what is beyond that? As security professionals, how do we lead the enterprise to transition from a reactive IR model to a pro-active IR model?
The purpose of this talk is to share my experiences and lessons learned on building a scalable enterprise threat hunting program. We will cover the methods behind establishing an enterprise threat hunting capability that strengthens and supplements the incident response program.
Speakers Bio: Kevin is a Vancouver based enterprise security leader. Kevin is experienced in offensive security, digital forensics incident response, and enterprise security architecture. Kevin is most passionate about building lasting enterprise security capabilities by focusing on developing skilled teams of multidisciplinary practitioners through mentor-ship and coaching. Kevin actively participates in various Global, and local security communities.