Threat hunting basics

Presented at Disobey 2023, Feb. 18, 2023, 5:30 p.m. (120 minutes).

The workshop will focus on threat hunting from a technical perspective. The basics will be covered first, followed by a hands-on exercise to train your newly acquired hunting skills. The goal: understand the term threat hunting, be able to create hypotheses, and think through what is required to reach the target of a hypothesis.

Presenters:

  • Jouni Mikkola
    Jouni currently works as a manager at Nixu, where he is responsible for SOC solutions and the DFIR function. Before being promoted to his current role, Jouni led the DFIR team, of which he was a part for five years. He started on the team as a technical incident response investigator and moved on to lead the team some years later. Jouni has been involved in incident response for years and has also been doing threat hunting assignments for a long time. Before joining Nixu, Jouni did technical consulting with a focus on Microsoft server technologies, mostly the messaging products but also a fair bit with technologies like Active Directory. In total, Jouni has worked in IT for 15 years. Jouni also hosts a podcast known as Uhkametsä (in Finnish) and occasionally writes a threat hunting blog, https://threathunt.blog/.
    LinkedIn: jouni-mikkola-3b5a32114
  • Juuso Myllylä - Security Analyst
    Juuso works as a Threat Hunter and a DFIR analyst at Nixu. Before these roles, Juuso worked in two SOCs, doing analyst duties and detection engineering. The blue team has always been home for Juuso, and the best part of being on the defensive side is uncovering and analyzing new and innovative threats. Juuso co-hosts the Finnish cybersecurity podcast Uhkametsä, discussing the latest threats from a defense perspective.
    Twitter: @juus0x0
    LinkedIn: juuso-myllyla
