Threat Hunting-Modernizing Detection Operations: The SANS 2017 Threat Hunting Survey Results | Part 1
- Wednesday, April 26th, 2017 at 1:00 PM EDT (17:00:00 UTC)
- Rob Lee, Travis Farral, Zach Hill and Ely Kahn
In this webcast, SANS will release results of its second annual Threat Hunting Survey. According to our previous survey on this topic, the 2016 SANS Survey on Threat Hunting, 86% of IT departments utilized threat hunting, although only 40% had any formal threat hunting program, and 88% said their threat hunting programs needed to be improved.
Have threat-hunting programs been formalized over the past year? And if so, to what degree? Is hunting being used more proactively than in 2016? Rather than relying on indicators of compromise to start a hunt, are hunters proactively searching for the unknown?
This webcast, the first of a two-part report on the SANS Threat Hunting Survey, will look at the current state of threat-hunting programs and how they have changed in the past year. In it, attendees will learn:
- How regularly respondent organizations hunt for threats
- Whether respondents have been more successful at hiding their hunts from adversaries
- What improvements they've made in the time it takes to hunt for threats
- How they utilize their hunting information (prevention, response, improved risk posture)
- What inhibitors hold organizations back from achieving proactive, continuous threat hunting
Click here to be among the first to receive access to the full survey results paper, developed by SANS Fellow Rob Lee, publishing in association with the SANS Threat Hunting and Incident Response Summit.
Click here to register for the second part of the two-part results webcast on Thursday, April 27, 2017. That webcast will focus on the skills required for threat hunters, along with best practices, tools and threat intelligence feeds that make up the hunting ecosystem.
Rob Lee is the curriculum lead and author for digital forensics and incident response at the SANS Institute. With more than 19 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services via HARBINGERS LLC in the Boston, MA area. Before directing services at HARBINGERS, Rob worked with government agencies in law enforcement, defense, and intelligence communities as a lead for vulnerability discovery and exploit development teams supporting Title 10/50 cyber operations. Following his work in the intel community, he worked at the incident response firm MANDIANT for 5 years. Notably, he co-authored MANDIANT's first detailed threat intelligence reports on Chinese APT activity titled "M-Trends: The Advanced Persistent Threat."
Travis Farral is the director of security strategy for Anomali. With over 20 years of security industry experience, he has developed a strong background in threat intelligence, incident response and industrial control systems security. Previously Travis ran the Cybersecurity Intelligence & Strategic Services team at ExxonMobil and spent several years at companies such as Nokia and XTO Energy.
Zach Hill leads the sales team at DomainTools and is responsible for driving the enterprise go-to-market strategy globally. He focuses on developing and supporting the DomainTools presence within large corporations, governments and channel partners around the world. With more than 15 years of strategic sales and business strategy experience, Zach has led successful sales efforts and process improvements within organizations both large and small. He is a graduate of the University of Washington Business School with an emphasis on marketing and a certificate in entrepreneurship.
Ely Kahn is co-founder and VP of Business Development for Sqrrl. Previously, Ely served in a variety of positions in the federal government, including director of cybersecurity at the National Security Staff in the White House, deputy chief of staff at the National Protection Programs Directorate in the Department of Homeland Security, and director of risk management and strategic innovation in the Transportation Security Administration. Before his service in the federal government, Ely was a management consultant with Booz Allen Hamilton. He has a BA from Harvard University and an MBA from the Wharton School at the University of Pennsylvania.