Become more effective at your job with hands-on cyber security training in Anaheim. Save $300 thru 11/27.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters

  • Tuesday, October 29th, 2019 at 3:30 PM EDT (19:30:00 UTC)
  • Mathias Fuchs and Josh Lemon
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsors

  • Anomali
  • Authentic8
  • VMWare Carbon Black
  • DomainTools
  • ExtraHop
  • Lastline
  • ThreatConnect
  • ThreatQuotient
  • Sophos Inc.
  • Verodin

You can now attend the webcast using your mobile device!

Overview

Organizations just starting their threat hunting journey have different needs than those who are honing their skills and programs. The SANS 2019 Threat Hunting Survey looks at those differences and how they impact the priorities set by both types of organizations. Specifically, survey authors Mathias Fuchs and Joshua Lemon will report the survey results and explore the differing:

  • Definitions of threat hunting
  • Methodologies of performing threat hunting
  • Spending priorities and training needs
  • Tools and system data needed for a successful hunt
  • Effectiveness of hunting practices

The authors will provide actionable advice to assist organizations as they grow their programs and improve their threat hunting abilities, whether they are new to threat hunting or are simply honing their processes.

Click here to register for a panel discussion involving the authors and sponsors on Wednesday, October 30, 2019, at 3:30 PM (EDT) to learn more about how your organization can use these survey results to improve your threat hunting.

Be among the first to receive the associated whitepaper written by threat hunting experts Mathias Fuchs and Joshua Lemon.

Speaker Bios

Mathias Fuchs

Mathias Fuchs, a certified instructor for SANS FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting, is head of cyber defense at InfoGuard AG, where he is actively engaged in building the incident response (IR) practice. In that role he uses his knowledge to shape his team; develop the necessary forensic, IR and threat hunting capabilities; and proactively mediate security vulnerabilities that would be more difficult to manage later. Prior to joining InfoGuard, Mathias was a principal consultant at Mandiant, where he led large-scale cybersecurity investigations. He also was the lead security architect at T-Systems and a security consultant for international clients in a variety of industries.


Joshua Lemon

Joshua Lemon is a certified instructor for SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics. He is the director for strategic response and research in the Security Response Center at Salesforce, providing research, development and identification of future technical capabilities for the center. Previously, he was computer security incident response team (CSIRT) manager for the Commonwealth Bank of Australia, leading one of the largest dedicated IR teams in the Australian commercial sector. Josh’s experience in cybersecurity includes project management, threat hunting, IR, forensic analysis, reverse engineering, penetration testing, secure network design and software development. He holds GREM, GCFA, GDAT, GNFA, GCIH, GPEN, GPYC certifications.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.