Building an Enterprise Threat Hunting Program
We all understand the importance that an incident response (IR) program brings to defending the enterprise, but what is beyond that? As security professionals, how do we lead the enterprise to transition from a reactive IR model to a pro-active IR model?
The purpose of this talk is to share my experiences and lessons learned on building a scalable enterprise threat hunting program. We will cover the methods behind establishing an enterprise threat hunting capability that strengthens and supplements the incident response program.
Speakers Bio: Tim is a Senior Information Security Analyst for a multinational mining corporation based out of Vancouver. Tim is experienced in incident management, incident response (IR), and pro-active IR. In his current role, he is focused on planning, developing and leading enterprise security initiatives that increases the security posture, and safety culture of the enterprise. Tim is an active participant of various North American and local security communities.
Tim holds: B.Tech in Network Security, GREM, GCFE, GCIH.