Threat Hunting Like a Gutter Punk

Presented at NolaCon 2019, May 17, 2019, 10 a.m. (Unknown duration)

<p>Do you feel like your security program is always broke? Is it messy, belligerent, and doesn't seem to get anything done? Does it ask you for change saying something about catching a bus? </p> <p>Using open source I explore different ways to approach threat hunting with little to no budget. We will explore the available SIEMs and dive into how to configure elastic stack into a real-world practical SIEM ready made for threat hunting. We will focus mainly on practical hunting efforts with different scenarios found in my day to day and how they could be applied to your org. At the end you'll walk away knowing how to fill in gaps in your security program and maybe a little bit more money in your pocket. </p>

Presenters:

• Trey Underwood
  Trey Underwood is a infosec engineer at a super secret security company. Previously he has been involved with several IT startups, Dell, Secureworks, and Raytheon after running his own open source company. Now his free time is dedicated to research, coding, and cooking Thirty-Minute Brownies in twenty minutes.

Links:

• https://nolacon.com/talk/threat-hunting-like-a-gutter-punk

Similar Presentations:

• Black Hat USA 2022 / The Open Threat Hunting Framework: Enabling Organizations to Build, Operationalize, and Scale Threat Hunting
• GrrCON 2019 / Threat Hunting Like a Gutter Punk
• Black Hat Europe 2017 / Accelerate the Hunt: Make Attackers’ Lives Harder with Effective Threat-Hunting