Becoming a Threat Hunter in Your Enterprise

For years, most IT security organizations have waited to detect new threats and  then moved swiftly to defend against them. Today, however, there is a new wave  of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats before the attackers have a chance to act. How do enterprises build threat hunting programs? How do they staff them, and what tools do they need? What skills and training does a great threat hunter need? In  this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

Available:
On Demand
Duration:
1h 00min

When you attend this webinar, you will learn:

  • What tools must be in any threat hunter's toolbox
  • How to identify the telltale signs of threat activity, and where to go looking for them
  • What skills and qualities make the best threat hunters
  • When threat hunting is the best option, and when it isn't
  • How to build an efficient threat hunting program (even when you have too much threat intelligence to weed through, and too few security staff to do the weeding)

Featured Speakers

  • John H Sawyer
    John H Sawyer
    Director of Services
    IOActive

    John H Sawyer is the Associate Director of Services and Red Team Lead at IOActive. He leads the red team operations performing multi-vector, chained attacks across physical, technical, and human elements to demonstrate operational and business risks to clients in all verticals. John has an extensive background in intrusion analysis, forensics, and incident response. He is member of the winning team from DEF CON 14’s and 15’s Capture the Flag competition, co-founder of the University of Florida Student Infosec Team (http://ufhack.org), and founder of SwampSec (http://swampsec.org). John is also a respected author and trainer for organizations including Dark Reading and InformationWeek Magazine, Interop, BruCON, OWASP AppSec DC, SANS, and B-Sides Jacksonville.

  • Jeff Costlow
    Jeff Costlow
    Deputy CISO
    ExtraHop

    Jeff Costlow is the Director of Security at ExtraHop. He started his career in computer security in 1997. Jeff has deep experience with networking protocols, a passion for secure software development and many years of software engineering under his belt. Prior to ExtraHop, Jeff served as Software Security Architect at Tempered Networks and as Product Development Manager at F5 Networks responsible for a team of development and test engineers and the security of F5 platforms. In his spare time, Jeff enjoys building and sailing small boats, making beer or cider, mentoring for FIRST robotics, and raising Pacific Northwest mason bees.

  • Tim Wilson
    Tim Wilson
    Editor in Chief
    Dark Reading

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Sponsored By