Fall Cyber Solutions Fest 2024: Threat Hunting and Intelligence Track

Going from responding to incidents to actively hunting threats is a stance shift that requires maturity in your cybersecurity journey. It also requires having access to the right threat intelligence, the right visibility across your environment, as well as the right tools to do the job. 

That's where the Fall Cyber Fest Threat Hunting & Intelligence Track comes in. Advances in data science and artificial intelligence can help organizations bridge the maturity gap, but we shouldn’t forget that it’s ultimately a human with financial or geopolitical interests who’s behind these attacks. Also, the same technology is available to both sides, and just as quickly as new models become more effective at threat detection, malicious actors grow more capable at confusing those models.

Likewise, organizations now have access to threat intelligence sources through various vendors and platforms. Yet many are not necessarily seeing all the value threat intelligence can bring because they don't understand how to operationalize it or they are not taking advantage of the tools that can help them automate and accelerate their threat-hunting programs.

At the same time, many security practitioners still struggle with the basics, the three big “knows” that every organization should focus on: knowing your enemy, knowing your network, and knowing your tools. Why? In many cases they are too busy responding to alerts and false positives to do what's needed for a threat-hunting program to be successful.

What should organizations do in 2024/2025 to take a more proactive stance, operationalize threat intelligence and focus on maturing their threat hunting program?

What to Expect:

  • Enriching alerts with threat intelligence
  • Utilizing XDR and MDR services to help accelerate your threat-hunting program
  • Operationalizing threat intelligence
  • Automating threat hunting tasks with XDR, NDR, and threat intelligence solutions
  • Identifying the most actionable intelligence for the organization

Why Register?

  • Expert-Led Sessions
  • Flexible Attendance (Attend live or watch on your own time!)
  • On-Demand Access (Revisit sessions at your convenience!)
  • Connect with Industry Leaders
  • Build Your Professional Network
  • Exclusive Insights
  • Earn CPE Credits

SANS Slack

  • Get connected with our event chairs, guest speakers, and fellow attendees for our 2024 events

Thank You To Our Sponsors

Anomali, Censys, Lookout, ThreatConnect

Agenda | November 8, 2024 | 9:00AM - 1:30PM ET

Register now and join us for a day of thought-provoking content!

Timeline (EDT)

Session Details

9:00 AM

Welcome & Opening Remarks

Terrence Williams, Certified Instructor, SANS Institute

9:20 AM

Session One | Title Coming Soon!

Session Details Coming Soon!

10:00 AM

Break

10:15 AM

Session Two | What We Can Learn about Detecting Targeted Malware in APTs from Hidden Cobra

In this session, we will explore the technical intricacies of detecting targeted malware in APTs, along with proven methods and mitigation strategies to combat these threats. As a real-world example, we will step through Hidden Cobra’s operations and its especially evasive malware. You’ll learn how to enhance your network security by effectively leveraging Indicators of Compromise (IOCs) to stay ahead of increasingly sophisticated attack campaigns. Join us to improve your organization’s defense mechanisms and get key takeaways around:
- In-depth understanding of Hidden Cobra and its malware
- Analysis of key malware reports, such as COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH
- Practical insights into threat detection using the ReversingLabs Spectra Platform
- Strategies for effective use of IOCs and continuous threat monitoring

Stuart Phillips, Threat Intelligence Researcher, ReversingLabs

Ali N. Khan, Field CISO, ReversingLabs

10:45 AM

Session Three | Title Coming Soon!

Session Details Coming Soon!

11:15 AM

Session Four | Title Coming Soon!

Session Details Coming Soon!

Shunta Sanders, Censys

11:45 AM

Break

12:00 PM

Session Six | Keynote: Technology for the Good of the Community

Details Coming Soon!

Rob E. Williams, Head of Global Channels, SandboxAQ

12:50 PM

Afternoon Kick-off

Terrence Williams, Certified Instructor, SANS Institute

1:00 PM

Session Seven | Title Coming Soon!

Session Details Coming Soon!

1:30 PM

Wrap-Up

Terrence Williams, Certified Instructor, SANS Institute