Go to Hunt, Then Sleep

Presented at Black Hat USA 2017, July 27, 2017, 11 a.m. (50 minutes)

Are nightmares of data breaches and targeted attacks keeping your CISO up at night? You know you should be hunting for these threats, but where do you start? Told in the style of the popular children's story spoof, this soothing bedtime tale will lead Li'l Threat Hunters through the first five hunts they should do to find bad guys and, ultimately, help their CISOs "Go the F*#k to Sleep."


  • David Bianco - Principal Engineer, Cyber Security, Target
    David Bianco has over 20 years experience in the information security field, with the last 15 focusing on incident detection and response. He is active in the DFIR and Threat Hunting community, speaking and writing on the subjects of detection planning, threat intelligence and threat hunting. He is the principal contributor to The ThreatHunting Project (http://ThreatHunting.net) and a member of the MLSec Project (http://www.mlsecproject.org). You can follow him on Twitter as @DavidJBianco or subscribe to his blog, "Enterprise Detection & Response" (http://detect-respond.blogspot.com).
  • Robert M. Lee - CEO, Dragos, Inc.   as Robert Lee
    Robert M. Lee is the CEO and founder of the industrial cybersecurity firm Dragos, Inc. He is a well-respected authority on industrial control system cyber security and threat analysis and has authored numerous best practices, training courses (SANS ICS515 and SANS FOR578), and frameworks for the industry to use. Robert obtained his start in cyber security in the U.S. Air Force where he served as a Cyber Warfare Operations Officer. He has performed defense, intelligence, and attack missions in various government organizations including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. He may be found on Twitter @RobertMLee


Similar Presentations: