Think Differently About Data — Succeed at Threat Hunting & IR, presented at Dallas CISO Executive Summit Q2 2019

by Tom Roeh,

Summary: Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas, if you can trust the data. In this session, you will learn:

- Current attack practices, including abuse of legitimate traffic and encryption
- How hunters hide from attackers to avoid counter IR maneuvers
- Ways to make analysts faster and more effective at validating and responding to threats
- Options for empowering cross-training and on-the-job training to increase analysts' skills
- Clarity on how gaining visibility into cloud and encrypted traffic