Last Day to get an iPad Pro with Smart Keyboard, Surface GO or $350 Off with Online Training

Threat Hunting & IR Summit

New Orleans, LA | Thu, Sep 6 - Thu, Sep 13, 2018
This event is over,
but there are more training opportunities.

Threat Hunting & Incident Response Summit Agenda

Summit speakers

We strive to present the most relevant, timely and valuable content. As a result, this agenda is subject to change. Please check back frequently for changes and updates.

Download the full Summit Agenda, complete with presentation overviews!

Thursday, September 6th
Time Presentation Speaker
9:00-9:45 am Opening Keynote Ben Johnson (@chicagoben), Co-Founder & CTO, Obsidian Security
9:45-10:20 am

Uncovering and Visualizing Malicious Infrastructure

  • Josh Pyorre (@joshpyorre), Security Research Analyst, Cisco Umbrella
  • Andrea Scarfo (@AScarf0), Security Research Analyst, Cisco Umbrella
10:20-10:45 am Networking Break
10:45-11:20 am This Is the Fastest Way to Hunt Windows Endpoints Michael Gough (@HackerHurricane), Malware Archaeologist, Malware Archaeology
11:20-11:55 am

Threat Hunting in Your Supply Chain

Jake Williams (@MalwareJake), Founder, Rendition Infosec
11:55 am - 1:15 pm

Lunch & Learn, Presented by

1:15-1:50 pm

ATT&CKing the Status Quo: Threat-Based Adversary Emulation with MITRE ATT&CK

1:50-2:25 pm Cyber Threat Hunting in the Middle East
  • Kevin Albano, Global Lead, Threat Intelligence, IBM X-Force IRIS
2:25-2:55 pm Networking Break
2:55-3:30 pm

Hunting for Lateral Movement Using Windows Event Logs

Mauricio Velazco (@mvelazco), VP - Threat Management, Blackstone
3:30-4:05 pm

Forecast: Sunny, Clear Skies, and 100% Detection

Alissa Torres (@sibertor), Incident Response Manager, Cargill; Certified Instructor, SANS Institute
4:05-5:00 pm

Live Debates

Moderator: Matt Bromiley, Certified Instructor, SANS Institute; Cylance

Friday, September 7th
Time Presentation Speaker
9:00-9:45 am


Keynote
Differentiating Evil from Benign in the Normally Abnormal World of InfoSec

Rick McElroy, Security Strategist, Carbon Black

9:45-10:20 am How to Submit a Threat Profile to MITRE ATT&CK Walker Johnson (@wjohnsonsled), Senior Security Engineer, Banking & Finance
10:20-10:45 am Networking Break
10:45-11:20 am Threat Hunting Using Live Box Forensics John Moran, Senior Product Manager, DFLabs
11:20-11:55 am

Viewing the Nodes in the Noise: Leveraging Data Science to Discover Persistent Threats

David Evenden, Senior Vulnerability Exploitation Analyst, CenturyLink
11:55 am - 1:15 pm Lunch
1:15-1:50 pm

Hunting Webshells: Tracking TwoFace

  • Josh Bryant (@FixtheExchange), Director of Technical Account Management, Tanium
  • Robert Falcone, Threat Researcher, Palo Alto Unit 42
1:50-2:25 pm

Who Done It: Gaining Visibility and Accountability in the Cloud

Ryan Nolette, Security Technologist, AWS
2:25-3:00 pm Quantify Your Hunt: Not Your Parents' Red Team
  • Devon Kerr (_devonkerr_), Principal Threat Researcher, Endgame
  • Roberto Rodriguez (@cyb3rward0g), Senior Threat Hunter, SpecterOps
3:00-3:30 pm Networking Break
3:30-4:05 pm Launching Threat Hunting From Almost Nothing Takahiro Kakumaru, Security Researcher, NEC
4:05-4:40 pm

Threat Hunting or Threat Farming: Finding the Balance in Security Automation

  • Robert M. Lee (@RobertMLee), CEO, Dragos Inc.
  • Alex Pinto (@alexcpsec), Lead Security Data Scientist, Verizon Enterprise Services
4:40-5:15 pm Lightning Talks

Moderator: David J. Bianco (@davidjbianco), Principal Engineer, Cyber Security, Target