Hunt Evil presented at BSidesCairo 2020

by Mohamed Sadat

Summary: The ability to block advanced threats improves each year, but we face adversaries who are determined and creative, and their techniques evolve just as quickly. This raises a few questions: When prevention fails, what do we have left to protect our organizations? How can we discover gaps as fast as possible? Having techniques in play to detect and respond to ongoing attacks quickly is as important as prevention.

Threat hunting is a critical discipline that more organizations are using to disrupt stealthy attacks before they become mega breaches. It is the active search for “unknown unknowns,” which describes new and novel attack behaviors that aren’t detected by current automated methods of prevention and detection. It is, by nature, a “hands-on-keyboard activity,” driven by humans. Just like hunting in nature, anyone can do it, but the right experience and tools can make you much more effective.