Get an 12.9" iPad Pro, Surface Pro or $400 Off Online Training - Only 2 Days Left!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Hunting 101 - Back to Basics: Implementing a Proactive Cyber Hunting Approach

  • Thursday, September 8th, 2016 at 1:00 PM EDT (17:00:00 UTC)
  • Brad Mecha and Dave Shackleford
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Cybereason

You can now attend the webcast using your mobile device!

Overview

What happened to being proactive? Everything today is about "hunting". IOC hunting, adversary hunting, insider threat hunting, and the list continues. It's not only about finding the adversary or the latest 0-day. It's about being better prepared, understanding your defense posture, and being able to find the activities missed or hiding in your existing data.

Cut through the hype and get back to the basics to better understand:

  • What is hunting and why is it important?
  • How the hunting role is different compared to other roles in IT Security.
  • How to start hunting now, no matter the size or maturity of your security program.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.


Brad Mecha

Brad Mecha has spent the past decade in multiple capacities helping companies defend themselves against a wide variety of threats. In his current role as Hunting Team Lead at Cybereason, a security startup leveraging behavioral analytics and machine learning, Brad is educating security teams on how to use turnkey endpoint data analytics to augment and automate their hunting and detection capabilities.

Previous to Cybereason, Brad was a SOC/CIRT Consultant with RSA, the Security Division of EMC specializing in Response Optimization and Development, Threat Intelligence, Network Forensics and Malware Analysis. Prior to RSA, Brad was the CIRT Lead responsible for IR Program Development and Incident Detection for Rockwell Automation, a provider of Industrial Automation and Advanced Manufacturing headquartered in Milwaukee, WI.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.