Open Season: Building a Threat Hunting Program with Open Source Tools

  • Friday, 22 May 2020 10:30AM EDT (22 May 2020 14:30 UTC)
  • Speakers: James Schweitzer, Ken Westin

Threat hunting has been a hot topic for the past few years, but many organizations still have not built a threat hunting program. For some, the challenge has been cost or getting access to the right data sources. In this talk we will discuss open source data sources, including key ones such as Zeek/Bro, that can be used along with Elasticsearch to build a hunting program. We will also highlight several open source threat hunting projects to help speed up the development of your program.