

Reducing Attacks and Improving Resiliency: The SANS 2017 Threat Hunting Survey Results | Part 2

  • Thursday, April 27th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Robert M. Lee, Toni Gidwani, Mike Scutt and Dana Torgersen
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsors

  • Anomali
  • DomainTools
  • Malwarebytes
  • Rapid7 Inc.
  • Sqrrl Data, Inc.
  • ThreatConnect


Overview

Even though their processes aren't formal or mature, respondents reported benefits from their hunting practices, including reduced attack surfaces and detection of unknown threats in the enterprise, according to the 2016 SANS Survey on Threat Hunting. In that survey, 74% of respondents who use threat hunting said that hunting for threats reduced their attack surfaces, while 59% cited more accurate response, and 52% found previously undetected threats that were active in their enterprises.

This new 2017 survey, publishing in association with the SANS Threat Hunting and Incident Response Summit, further defines how organizations apply threat hunting to enterprise response and detection, while also bringing out new best practices for integration and use of threat-hunting information. During this session, the second in a two-part series, attendees will learn about:

  • Tools and skills utilized for successful hunts
  • Formality of threat-hunting programs and who staffs and leads teams
  • Required data feeds and collectors
  • Future uses for threat hunting
  • What respondents have on their wish lists

Click here to be among the first to receive access to the full survey results paper, developed by SANS Fellow Rob Lee, publishing in association with the SANS Threat Hunting and Incident Response Summit.

Click here to register for the first part of this two-part webcast, being held Wednesday, April 26, to learn about the progress being made in threat-hunting practices, as well as the inhibitors holding organizations back from achieving the full benefits of proactive threat hunting in their enterprises.

Speaker Bios

Robert M. Lee

Robert M. Lee, a SANS certified instructor and author of the "ICS Active Defense and Incident Response" and "Cyber Threat Intelligence" courses, is the founder and CEO of Dragos, a critical infrastructure cyber security company, where he focuses on control system traffic analysis, incident response and threat intelligence research. He has performed defense, intelligence and attack missions in various government organizations, including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Author of SCADA and Me and a nonresident National Cyber Security Fellow at New America, focusing on critical infrastructure cyber security policy issues, Robert was named EnergySec's 2015 Energy Sector Security Professional of the Year.


Toni Gidwani

Toni Gidwani is the Director of Research Operations at ThreatConnect and leads ThreatConnect’s research team, an elite group of globally-acknowledged cyber security experts dedicated to tracking down existing and emerging cyber threats. Prior to joining ThreatConnect, Toni led analytic teams in the U.S. Department of Defense.


Mike Scutt

Mike Scutt leads the managed detection and response service at Rapid7, where he previously led incident response services. His primary focus areas include host-based forensics, malware analysis and threat research. Mike has spent a decade in information security and has held a variety of roles, from enterprise infrastructure hardening and threat mitigation to managing incident response engagements for Fortune 50 companies. Prior to joining Rapid7, Mike managed the global incident response team for Mandiant's managed services division.


Dana Torgersen

Dana Torgersen is a veteran product marketer who cut his teeth in network and data center security while at Secure Computing, McAfee, Palo Alto Networks, and security startup Illumio. He heads up Product Marketing for Malwarebytes, encouraging individuals and businesses to protect their endpoints against malware and exploit-based threats.
