Threat Hunting OpSec
In recent years, increased attacker sophistication and security alert fatigue have propelled threat hunting to the focal point of the cybersecurity industry. Every vendor wants to sell it, every expert wants to define it, and every company wants to start doing it. In all the excitement of the threat hunting gold rush, it can be easy to lose sight of the fundamentals, many of which are rooted in traditional incident handling. This talk explores the operational security challenges of scaling an incident response program to a proactive threat hunting capability. It walks through the risks of arming or tipping off the adversaries while hunting threats across endpoints, networks, and cloud resources, and lays out best practices for minimizing and avoiding said risks.
Speaker's Bio: Cybersecurity versatilist with over a decade of experience in network security, risk management, digital forensics and incident response. Currently leading a dedicated cyber threat hunting team.