Open Season on Cyberthreats: Part 2 - Threat Hunting Methodologies and Tools
- Friday, April 15th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Eric Cole, PhD, Ely Kahn, Tim Helming and Mike Nichols
Expanding on the results of the 2015 SANS Incident Response Survey, the threat hunting survey explores the uses and benefits of threat hunting. Results of the survey will be presented in a two-part webcast.
Part 1 of this webcast, held on Thursday, April 14, 2016, at 1:00 p.m. Eastern, focuses on what threat hunting is, pitfalls to gaining actionable results and how threat hunting is currently being used.
In this part 2 webcast, attendees will learn about the following:
- What tools organizations are using for threat hunting
- What skills hunters need
- How threat hunting affects and is affected by security budgets
Be among the first to receive the associated whitepaper written by threat hunting expert and SANS Analyst Eric Cole.
View the associated whitepaper here.
Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.
Ely Kahn is co-founder and VP of Business Development for Sqrrl. Previously, Ely served in a variety of positions in the federal government, including director of cybersecurity at the National Security Staff in the White House, deputy chief of staff at the National Protection Programs Directorate in the Department of Homeland Security, and director of risk management and strategic innovation in the Transportation Security Administration. Before his service in the federal government, Ely was a management consultant with Booz Allen Hamilton. He has a BA from Harvard University and an MBA from the Wharton School at the University of Pennsylvania.
Tim Helming, DomainTools director of product management, has over 15 years of experience in cybersecurity, from network to cloud to application attacks and defenses. At DomainTools, he applies this background to helping define and evangelize the company's growing portfolio of investigative and proactive defense offerings. At WatchGuard, he helped define and launch some of the best-selling SMB security appliances in the market. At Symform, he led definition and messaging efforts for that company's unique peer-to-peer cloud storage solution. Tim has spoken at security conferences, media events, and technology partner conferences worldwide.
Mike Nichols is the Principal Product Manager at Endgame, managing the Endgame cyber operations platform. Mike leverages years of commercial and federal product development experience, as well as his time as an Army cyber intelligence analyst, to ensure the product not only has a superior workflow to existing methods but also optimizes the analyst's time. He divides his time between internal engagement with engineering and customer support, and external engagement with existing customers and new sales prospects in order to best understand the needs of the customer and ensure proper translation to mission-enabling features. Prior to working at Endgame, Mike served in a variety of technical leadership roles at Fortscale, General Dynamics Fidelis Cybersecurity Solutions, and Deloitte. Mike served in the US Army as a military intelligence specialist, supporting Operation Iraqi Freedom and Operation Enduring Freedom.