TH-2025 Hunting: How to start, go down a rabbit hole, and get out without relying on your tools

Presented at Texas Cyber Summit 2019, Oct. 10, 2019, 11:15 a.m. (45 minutes)

Hunting is one of the hottest buzzwords when it comes to cyber security - especially in defensively oriented realms. As a result, there are hundreds of tools, articles, and books on how to hunt. Yet, if it were that simple, why are we still having issues doing this successfully - even if we ignore advanced threat actors? There are so many tools that may be able to report that something is happening on a network, but the blue teams themselves are unable to interpret these results in a timely manner, which potentially results in missing something critical. Therefore, rather than introduce a new tool, this talk will focus on how people can improve themselves to be better hunters, and how to better structure teams to hunt more effectively. The tools that blue teams use cannot always be controlled - as tools are restricted by policy, money, and availability. Instead, what we can control is how we operate, how we educate ourselves, and overall how we function during a hunt.

In this talk, I’ll focus on how to improve yourself with technical skills and soft skills. However, it is impossible for just one person to always find the bad guy. As a result, I will also concentrate on how team structure, dynamics, and other skills are also important and how to improve these. This talk is aimed at beginners and intermediate blue teams who are looking to further improve themselves and how they function, so that we can work on being effective.

Presenters:

  • Dr Chelsea Hicks - DoD
    Dr. Chelsea Hicks is a computer scientist for the Department of Defense. Dr. Hicks brings her background in cybersecurity via competitions, participating in the local infosec community, academic career, and professional career to provide insights when possible at conventions such.
